Isn’t it funny that every tech commenter was like “Apple would have to re-engineer their whole iMessage stack if they want to cut off access to Beeper Mini”?
The thing with this service is, if I understand it correctly, that they were using someone else’s device ID to send messages.
So, say for example that someone started using my Mac Mini’s ID (my Mac being located in Madrid, Spain) to send iMessages in the US….
People expected Apple not noticing it?
It worked when it was some hacker’s project because at that time, a few stolen Apple device IDs didn’t raise too many red flags. But at a large scale, and used by a company, it may be easy for Apple to detect.
And don’t be fooled: the system worked by stealing someone else’s legitimate device ID, and pose as it to send messages to the system. So, this company could be making money by using you Apple device ID. I’m not ok with that.
I was under the impression that interaction with Apple’s servers required some kind of “proof” (honor system really) that you’re using an Apple device, which used device ID that was spoofed; just like how Hackintosh had done for push notifications for years.
Worth noting that Hackintosh got to a point where someone wrote scripts to generate random strings to brute force until they encounter a valid device ID, so they’d literally assume someone else’s legitimate device to get push notifications.
That would seem to imply that tech commenters know less than Apple about Apple’s own servers. Shocking.
My bet is that is if Apple comments at all, they will talk about closing a security vulnerability rather than cutting off android users.
My bet is that is Apple comments at all, they will talk about closing a security vulnerability rather than cutting off android users.
Aaaand you were right!
And the founders quote is hilarious.
“if Apple truly cares about the privacy and security of their own iPhone users, why would they stop a service that enables their own users to now send encrypted messages to Android users, rather than using unsecure SMS?”
One of these things are their own iPhone users. One of them is not.
Swoosh.
If you want security, stay in the Apple ecosystem and you don’t need to send to insecure android users.
@EliasChao @apple_enthusiast That’s essentially the same thing, LMAO.