Show HN: Beeper Mini – iMessage client for Android - https://news.ycombinator.com/item?id=38531759 - Dec 2023 (863 comments)

iMessage, explained - https://news.ycombinator.com/item?id=38532167 - Dec 2023 (143 comments)

"My prediction is that Apple will make changes—fixing bugs and/or closing loopholes—that break Beeper Mini. It’s untenable that there’s unsanctioned client software for a messaging platform for which privacy and security are a primary feature.

It’s a very nice app, remarkably clever, and for now works like a charm, but if Apple wanted an iMessage client for Android they’d release an iMessage client for Android. Seems irresponsible for Beeper to charge a subscription for an unsupported service."

https://www.threads.net/@gruber/post/C0k1VgyMGZN?hl=en

I don't follow this logic at all. Shouldn't supporting thirdparty clients be desirable if security is a primary feature in the interest of transparency? Especially if the reference client is proprietary and undocumented.

It would be healthier to assume multi-polarity and lean into it.

Look no further than the other news that came out this week re: government spying via push notifications. (https://www.reuters.com/technology/cybersecurity/governments...) Consumers rationally trust the few big companies which are incentive-aligned to protect their data and government then goes after those few big companies. I thought this was particularly galling:

> In a statement, Apple said that Wyden's letter gave them the opening they needed to share more details with the public about how governments monitored push notifications.

> "In this case, the federal government prohibited us from sharing any information," the company said in a statement. "Now that this method has become public we are updating our transparency reporting to detail these kinds of requests."

People might want to think about how AirTags and Find My Phone work...

rotating BTLE identifiers controlled by a pseudorandom sequence derived from a key, and tunneled over end to end encryption?

There is a quote in the top level comment of this thread that says that.

> It’s untenable that there’s unsanctioned client software for a messaging platform for which privacy and security are a primary feature.

All they're saying is that the existence of third party software compromises Apple's ability to make blanket statements about the security and privacy of this one specific platform. An unofficial third party client breaks an established network of trust — which is an objective fact. If you doubt this, then you really should use this Chromium fork I just developed. Use it to log into your internet banking. Don't be scared. There's nothing to worry about. See, there's a lock symbol in the address bar and everything.

Can a bad actor slap a green lock on an insecure browser clone and harm users? Certainly. And yet, in a survey of the systemic threats to security and privacy on the open web, such attacks are relegated to the margins.

Apple encourages a popular narrative that centralization and control beget trust, and from there may enable privacy and security. Look no further than the comments on this HN post to see the narrative echoed!

It's fair to point out that it's not literally what Gruber wrote, but readers will fill in the negative space around his uncritically apologetic commentary. To state the implied message: trust in Apple's way, and remember that third parties (who are not accountable to Apple) will ultimately deprive you of privacy and security!

That it’s not currently a problem is due to 25 years of strongly pushing for privacy & security.

We’re still not there (see Google & adblockers in chrome)

The web browser ecosystem has its own (different) problems, but iMessage lacks requisite variety to back up its particular claims to privacy and security (see that Reuters article for a preview).

I skipped past that because that wasn't what I had expressed disagreement about. Though now you elucidate further I'll say I fundamentally disagree with your "actual point" as expressed. While I agree that systems of distributed trust are fundamentally healthier, they are an order of magnitude harder, and rely upon educating users. And some percentage of users will always be impervious to education — see the continued prevalence of phishing scams for example.

A system which relies upon trusting fewer entities is inherently less fragile and less vulnerable to exploitation. It's true that systems can be designed which rely on users trusting a large number of entities, and can sometimes result in a more educated user base, but they're much harder to implement and much, much, much, much rarer in the real world.

But if we have centralization on the scale of a society, then anyone interested in any of the groups using that centralized source of secure data storage/transfer will be drawn to look for the flaws in that source. And there are always flaws, either technical, legal (as with the government spying mentioned elsewhere in the comments), or otherwise. And once any group manages to infiltrate that one source, they get access to everything dependent on it.

Sure, decentralized security is harder to get together, meaning we have an initially-high violation rate that decreases over time (though this can be supplemented by security-conscious users taking their own steps to protect their data). But centralized security at sufficiently large scales essentially guarantees a breach impacting everyone within its domain; and the kind of trust that would be required to sustain such centralization also anti-correlates with users independently adding additional layers of security to their systems.

This seems like a much greater risk than just accepting that users who are "impervious to education" will be vulnerable to certain social-side exploits, while everyone else will be reasonably safe.

Certainly this is not the first time some entity in the world has reverse-engineered iMessage; it's just the first time that it was publicized.

Apple did leave the hole open; they left it open until it threatened their customer lock-in. Only at that point did they decide that it was a security risk.

From what I understand Beeper Mini is interfacing with iMessage on-device, what's to stop another clients from using a server and intercepting messages? While I don't have time to look it up again, I think there was also something on how Beeper Mini is handling the push notifications when the app isn't open. While that may not leak a lot of information, and there is also the news of Apple/Google sharing push info with some governments, that's something that can at least raise some eyebrows when it comes to how private it is.

It sure as heck better have been designed with that in mind, because it sends SMS messages to uncontrolled 3rd party clients that could be stealing your information or spying on push notifications every single time you message an Android user.

I genuinely don't understand this argument. Do people think that SMS messages don't generate push notifications? Does Apple have a 1st-party SMS messenger available on Android that I'm not aware of? You're already communicating with 3rd-party clients that could be spying on you, and you're already receiving messages from those clients in the iMessage app. The biggest difference is that your messages with those clients today are fully unencrypted, so spying on them doesn't even require compromising an app.

It's weird for people to be so concerned about push notifications as if that's a decrease in security when the alternative system they're proposing is for iOS messages to be sent to Android devices fully unencrypted. Apple/Google can share all of that information with the government as well; if they're not being asked to it's only because the government can get it even more easily directly from the telcos.

It also changes nothing about my comment, because you can call SMS a different system all you want, but your conversations with Android users are still being sent unencrypted and any malicious payloads you get from SMS phones are still being loaded into the same Messages app. If you're worried that a 3rd-party client on Android is going to let a company spy on conversations you're having with Android users, then I still have real bad news for you about how Apple sends messages to Android users.

Draw the lines however you want between Messages and iMessages, but the security implications of Apple's setup are exactly the same. When you write a message to an Android contact, Apple sends that message unencrypted to a 3rd-party client that could by spying on you, leaking your data, or sending malicious payloads to your iOS Messages app. It still makes no sense whatsoever to be this concerned about the security of the push notifications for your messages to Android users when the alternative being proposed is to throw security entirely out of the window for those conversations. It is still a clear security improvement for conversations between Apple and Android users to be E2EE rather than to be sent over SMS, because the risks being raised about 3rd-party messaging clients are already present within those conversations today.

Security isn't about Apple knowing if an app is spying on users, but about THE USERS knowing that nobody is spying on them.

At best a third party iMessage client can only be as secure as iMessage itself because the back end is still closed and has no transparency, so it's the weakest link. If Apple (or a third party) is spying on the back end then no client can be safe.

> How would third-party clients _increase_ security (other than indirectly, by people using SMS less)?

They can increase security by breaking a single target into multiple targets, by increasing competition around security and privacy issues, by having more people use and work with the protocols and able to spot potential problems, by encouraging more transparency around issues when they arise, and by having alternatives readily available if one of the clients is found to be compromised or insecure.

And of course open source clients can be verified and validated by other developers and security professionals.

Clearly, what matters to Apple is what _they_ believe is secure, and they of course trust themselves more than they trust Beeper.

> At best a third party iMessage client can only be as secure as iMessage itself

Exactly, they can never be safer, and given that Apple, or we as users, know very little about the company behind the client, third-party clients are much less secure.

I believe you are speaking to transparency, not third party clients.

Beeper Mini actually bundled binaries that they didn't understand to bootstrap registration. They could only attempt to be compatible with messages that they have received, and verify messages they send show up correctly - they cannot know they covered all available options.

I speak to this as someone who reverse engineered MSN Messenger back in the early 2000s for an XMPP gateway - you'd occasionally find an entirely new type of message (requiring an entirely new parsing code path for their undocumented/bespoke messaging protocol) because someone registered for a stock ticker or the like.

There was no fuzzing the official servers or clients to see if they were robust or secure - the goal was to have a salable product. In fact, we saw other messaging systems where we had significant concerns based on our understanding of the protocols through reverse engineering, and we saw one vendor exploit a security vulnerability in their own shipping product in order to verify authenticity and block third party clients (which worked for a period of time)

From what I saw of the iMessage system, third party support is not going to be feasible even with a documented protocol without partnership, because there is an assumption of attestation of real, unique hardware as part of registration to prevent mass abuse.

True, but Apple caters specifically to a consumer base that can't know this and does not want to think about this. Whether this is health or sustainable in the future is another matter.

Everything you said is correct.

Beyond optics, let’s just look at attack surface. The implication that the sort of security holes that “openness” would fix are anywhere near the top of the list is…where’s that xkcd about cryptography and crowbars? It’s very clearly in the realm of nerdy cosplay. You know what is* a much more realistic threat? Some stupid third-party client on the Play store that exfiltrates all messages sent and received. Apple has absolutely no control over that. No protocol security accounts for that.

One way to avoid that outcome would be to have a first-party client on the Play store.

Instead, Apple drops all message security entirely from cross-platform communications for iOS users, allowing anyone to read those messages whether or not they have a crowbar. This is security 101: users do dangerous crap when the secure options don't have affordances for their use-cases. Users are lazy. If an official 1st-party secure client exists that meets their needs, they won't install a 3rd-party client. Users resort to dangerous and unsupported options when the safe, obvious options either don't work or aren't available.

And thankfully, we now know that it would be entirely possible for Apple to fix that problem and to move its own users off of SMS for communication with Android contacts, and we know that because a 16 year-old high-schooler was able to build that support with zero documentation. Presumably Apple is capable of doing the work of a 16 year-old. We now know that it would in fact be entirely possible for Apple using a 1st-party controlled, proprietary client with a proprietary protocol, to encrypt virtually every message that Apple users send to every one of their contacts, rather than what Apple does today where it encrypts... some of them.

None of this requires Apple to Open Source anything or to document or make available any of their protocols. The only reason Apple is in this position right now of needing to deal with 3rd-party clients is because of a lack of support from their 1st-party client.

I think that's my biggest gripe with the situation. Or my second-biggest. My biggest gripe is that the only notification that your messages are now not end-to-end encrypted is the green bubble. They don't tell you anywhere that the green bubble (also) means that.

The first half definitely made me think sarcasm, then the second half... I mean I know some people actually believe this... Then I noticed you said "encryption" instead of "protocol". Breaking an encryption standard is obviously very hard, breaking a protocol is obviously not nearly so hard.

On the other hand, taking this stance would be insane given the post we're talking about. A company that actively circumvented apples security measures. So you must be being sarcastic. You just have to be.

Remember, on the internet it's kinda hard to tell. Make sure to throw in a /s unless you really REALLY sell it.

It's just that in addition to sending your messages to 3rd party clients that could be stealing the data, Apple goes the extra step to make it even more insecure and also sends your messages completely unencrypted, so that everybody along the path from your device to the 3rd-party client can join in and also read your messages and can also use them for ad targeting or worse.

I'll make the argument that this is strictly worse for security than tolerating an encrypted 3rd-party client (or better, releasing their own 1st-party client rather than relying on SMS).

yeah can’t imagine why apple doesn’t use it

But Apple doesn't have to use it. They could release a messaging app for Android that used their own encryption, and they could encourage Android users to switch. But they don't do that, because distinguishing between Android and iOS users is ultimately more important to Apple than securing the conversations that Apple users have.

If RCS is garbage (and it is) then it is extremely weird that Apple has committed to supporting RCS for cross-platform messages instead of encouraging adoption of what would be a superior form of encryption for those conversations.

What you have to ask is, if you are an Apple user, why isn't Apple trying to encrypt every message that you send? Why are they asking you to use a garbage protocol when you send messages to Android users?

> yeah can’t imagine why apple doesn’t use it

Really, this statement should be reversed, it's difficult to imagine why Apple is planning to use RCS. Why is Apple more willing to implement a garbage protocol than they are willing to release a messaging app for Android?

If the richest company in the world wanted their chat app to run on Android, it would by now.

It's strange Apple doesn't sell an iMessage Android app, but I'm sure they've had somebody do the math and found out that it's more money for Apple in the long run if they don't.

Or put another way: If the privacy and security of imessage is compromised by someone building another client, I'd argue that you never had either to begin with.

I can't think of an any with independent implementations.

For instance, have a few third party Signal clients, which work by using the official libSignal . These are not third party clients, but third party GUIs. Use of libSignal on the official Signal network is also not supported or recommended.

Likewise, all the third-party Telegram clients I know of are forks using Telegram source.

This makes sense, because neither of these are stable systems. A third party has to stay up-to-date with features and changes made to the official servers and clients.

Do you know of a security and privacy focused messaging platform which is both:

1. documented

2. has multiple independent implementations of the networking and security protocols?

Another theme here is BBM (Bloomberg Messaging). People/Companies pay BB five figures per year just to get BBM. Why would they ever release a messaging app outside of the terminal. They will die before this happens.

years and years of "apple sheeple" variants tend to take their toll, you're just the latest in an endless parade of microaggressions even if you don't think your particular case was notable.

why is it so important for you to push on the idea apple users being thoughtless trend-followers? just don't do that, be better. you can do it. the next time you feel like posting that, simply take a deep breath and don't post it.

there is just no reason to go around posting that "[device that 50% of people own] users are all doing it for [trite/dismissive reason]" in the first place, let alone on a tech forum where everyone has very specific reasons for their tech purchases. and it's so completely normalized, android users do it so routinely and don't even think that what they are saying is offensive. it's literally the classic microaggression problem.

Imagine there is a theme park that has normal ticket booths and some requirements there to get in. Then there comes a Beeper that finds a hole in the fence on the perimeter and sets up their ticket booths there. It's in theme park's best interest to close that hole and cut off the revenue stream of somebody pigging back on their theme park.

Okay, I've stretched the metaphor out enough.

A Lamborghini Urus costs $230k so I guess it's morally acceptable to break into a dealership and steal it.

What a stupid take on the situation. At most it's untenable to Apples short term financial interests. A well designed protocol and implementation would be even better at protecting user privacy and security especially from a privileged attacker like the service provider and anyone able to put covert pressure on them.

The only way in which vendor lock-in helps the the existing users is that spammers and scammers have to invest additional money to acquire Apple devices to create new accounts instead of just phone numbers and a labor to create accounts.

Apple is, however, nothing for "privacy and security" beyond what they need to do to be marginally better, and that's a stretch these days. If Gruber really believes what he wrote he's full-on living in Apple's orchard behind the walled garden that Tim Cook splendidly gatekeeps. But because Apple puts marketing dollars behind ads that say "privacy" and "security" it must be so!

This is why it's always funny to me when the trope of the hour is the mass privacy failures of Signal through use of phone numbers. And then the author turns around and types out an iMessage to a blue-bubble friend. I really hope we can move beyond the Apple reality distortion machine and move to truly user focused platforms that aren't designed to steal user data or make the board richer.

Apple has become rotten.

yes, you can indeed build a secure system on the basis of increasing the economic cost of attack beyond reasonable levels and by forcing attackers to repeatedly slash their stake to perform an attack

Beeper made several design decisions that made the app super easy to use (i.e. using a single certificate that wasn't supplied by a user's phone), but if you extract the necessary source material from an old jailbroken iDevice, you could create an iMessage clone that Apple can't ban without either legal action or breaking compatibility with all easily jailbroken iOS devices.

Back in the days of AIM and MSN, even large companies used reverse engineering to get chat interoperability, and it was so successful that AIM left open an RCE vulnerability to push shellcode so that Microsoft couldn't chat through their service.

Whether that argument holds is for governments and courts to decide, ultimately.

At the same time, I miss the era of rich third party client ecosystems for things like AIM or MSN messenger. Blocking interoperability is a bummer for innovation.

Android vs iPhone is definitely a thing people in their 20s and 30s even use to judge others. I have polled quite a few family/friends, and it is near unanimous that it is a dealbreaker in dating, mostly because they assume there is a higher likelihood they will not mesh with the type of person the non iPhone user is.

>but that seems like a poor basis for anti-trust action.

Correct.

I was sharing that theory as a conjecture, since I have no reason to believe such a provision exists.

1. An enforceable contract existed (check!)

2. Beeper knew about the contract (check!)

3. Beeper's actions intentionally caused a breach of that contract (check!)

4. An actual breach of Apple's Terms & Conditions occurred

5. Apple had damages

None of those elements have much to do with profit.

- From the National Association of Criminal Defense Lawyers

Other way around. If anything, it sounds to me like Beeper Mini was acting illegally by accessing Apple’s servers in a way they didn’t give permission for.

The CFAA is ripe for abuse. I’m not saying applying it here would be just or not, only that Apple likely wasn’t the one acting illegally.

So I would summarize it as the corporate entity connecting to an Apple API and using it in undocumented ways that they reverse engineered, intercepting messages meant only for Apple software, doing so without prior permission, for purpose to selling access to services which would normally be covered by an Apple EULA.

It is not quite like a smaller word processor wanting to be able to import Word documents - without tying into Apple's service, Beeper Mini has zero value.

They may very well have violated the law as it is actually written.

Beeper is lucky they weren't sued under the DMCA anti-circumvention clause, as they clearly were bypassing the technological measures Apple uses to prevent genuine devices from connecting to iMessage & Apple services.

I think you’re likely right though. If they had such a claim I think their lawyers would have been on it instantly.

That’s why I mentioned the CFAA. Accessing servers without someone’s permission is the exact kind of thing people have gotten very stiff punishments for under the CFAA in the past. It’s basically the main reason I know the law exists, stories about peoples ridiculous punishments for relatively benign things.

Sure it’s useful for real things. I bet you can prosecute ransom under it. Or hacking to break into a rival company.

But it’s also great for when someone embarrasses a politician with stuff that they published on their own website and “something has to be done”.

1. If Apple sees this as a gap, it is very obvious that they would address that themselves, rather than by allowing a hack to exploit loopholes in their architecture

2. Since Apple has no control over the Beeper mini client, they would not consider it safe, it could easily be spying on users without their knowledge.

It was an acquihire involving a 16 year old who was doing it for fun.

It's the same reason they dragged their feet supporting RCS, until regulatory pressure started mounting.

I find this incredibly hard to believe. And just because the Apple marketing department believes something is true, doesn't make it so.

Maybe I run in a weird crowd, but I've never met anyone who cares whether "text messages" are delivered over SMS or iMessage. In general most messaging I do happens over Signal, WhatsApp, Discord, or (in a few unfortunate cases) Instagram messenger.

https://www.thurrott.com/apple/248931/apple-didnt-bring-imes...

Just wondering if you've forgotten what site you're on.

This is YC which exists to build companies whose main driver will always be profit.

that's the generalized pattern

As opposed to Beeper?

What phone do you use that does not have the same issue?

I've re-written this comment five or six times in an attempt to find the most charitable interpretation, but I just cannot comprehend how it made it through your filter and out onto the internet.

On a more serious note though, in the end Apple absolutely has the power of increasing everyone's capability and security by doing something like setting up a playbook of how iMessage could just use Signal protocol and how other actors could join in, or really anything else but doing this.

Is that really true though? Jailbroken phones, iMessage may still work. Any device security gets thrown out the window.

You also can't expect everyone to have an Apple device for security, which we've seen time and time again SS7 being weak - So is the requirement to remove SS7, for everyone to jump on the Apple train?

I see Beeper as doing Apple a service, not so much a competing platform, but a gateway to the iMessage ecosystem - 'Hey, this would be pretty cool to use without this app and have it native' vs the 'Only Apple devices can use this.'

Apple closes exploits which allow jailbreaking, precludes it in the EULA. What more would you have them do?

Preventing jailbreaking is not a good thing, in part since that's what allows us to check on what Apple is doing on the device, in regards to privacy, security and e2e encryption. If nobody can check, do you suppose we just accept their statements about the device as fact?

Subjective, speculative.

> when in reality

I think you mean "when in my opinion".

> they are making a decision on improving their profit

Speculative, and "improving their profit" is clumsy enough vocabulary that it's a red flag on continuing to discuss this with you.

> regardless if it decreases security of its customers and other people

The plurality of countervailing perspectives in this thread – which you have failed to address or refute, as far as I can tell – ought to indicate to you that it is arguable that Apple's decision in this case increases security of its customers.

> It is undeniable and silly to argue against.

I'll let others judge who seems silly here.

My point stays exactly the same. You haven't said anything real against it.

iMessage using SMS to communicate with Android devices increases the risk to iOS users. Apple customers are still Apple customers when they communicate with Android users.

Every risk you describe is still present in the current implementation of iMessage when communicating with Android users, except the risks are much greater because SMS is much easier to exploit and intercept than an E2EE protocol would be.

A message platform that forces Apple users to use an insecure protocol when communicating with Android users decreases the security and privacy of Apple users.

So even an imperfect implementation of real E2EE between Apple and Android users, even with all the risks you describe above, is still an improvement in security over what we have right now: a situation where Apple forces iMessage users to use to what is quite possibly the least secure communication method possible when communicating with their friends and family in different ecosystems.

It's not necessarily about helping the users of another competing platform, Apple users who are using normal iPhones are sending unencrypted and unsecured messages to their friends and family members because Apple is more interested in vendor lock-in than it is interested in making sure that its customers are able to communicate securely with their contacts.

The idea that Apple users would suddenly stop caring about security or that they wouldn't want their conversations encrypted just because they're talking to someone else who's on an Android device is very strange to me -- it suggests that Apple is willing to sacrifice security for paying iOS users just to keep Android users from seeing any of the benefits of those security improvements.

Yes, there may exist reasons to distinguish between locked down vendor-controlled devices where users do not have the autonomy to change device settings that could damage encryption, and devices where users do have that autonomy. I understand that concern, even if I think it's usually disengenous. But there is really no reason and no excuse (especially now that we know how easy it would be for Apple to take its encryption multiple-platform) for going beyond distinguishing between those devices, and going so far as to actively drop all security measures and all encryption from those conversations. It's like saying that because a window can be broken we might as well take the door off of its hinges and put up a "burglars welcome" sign -- and, incredibly, it's claiming that anyone who tries to replace the door without permission is somehow decreasing security. Apple doesn't just distinguish between controlled and uncontrolled environments, it removes the door entirely by dropping its users into a messaging format with no end-to-end encryption at all. It's a bad policy that hurts Apple users and decreases their safety.

Hmmming and hawing over "OEMs... and ...lax app marketplace security" seems like quite a high bar to hold, a bar so high it ceases to be useful. Remember, iPhone users can disable passwords on their iPhone entirely; if that's not something you ever worry about, then worrying about a minority of OEM's seems like mere pretext to keep your comfy walled garden all to yourself.

SMS can be read but it is still at least somewhat decentralized. It isn't being funneled to a single party whose business model is profiling users.

SMS is insecure and no one should use it. RCS isn't that much better and history is a lesson that it returns to a partner that isn't trustworthy.

Stuff like this happens all the time and the internet has always been like this. I'm sure older users will remember even older examples

it's going to become illegal not to have one in california! so you better invest NOW!!!

go to double U double U double U blah blah blah dot yadda yadda yadda

*full disclaimer, this technology is patent pending**

**doubly full disclaimer, "patent pending" in the sense that the invention is still to be invented, the panel of experts said 20 (more) years!

The smartphone is the single most important device for modern life and society. It's news, photos, communications with loved ones, work, entertainment, food, paying for practically everything...

And it's just two companies. Two companies with an iron grip over such a wide and diverse set of functionalities that, taken together, should be as inalienable as free speech.

- They control what you can put on the devices (or in the cases where they're open, they scare you or make it exceedingly difficult).

- They tax all innovation happening on the platform. Because web is second class. If you build an app, you have to pay for ads against your own brand. You can't have a customer relationship (yet Google and Apple get that). You have to keep up with their release cycles on their timeline. They can deny you or ban you at any point. They take 30% of your margin. You're forced to use their billing. In many cases, they actively develop software that competes with you.

- They're extremely user hostile. The devices aren't easily repairable, the batteries force upgrade cycles, and they do stupid things that make your kids want to buy the most expensive model for clout. Green and blue bubbles, etc.

- On top of this, they're gradually eating away at every related industry. The music industry. The credit cards and payments and finance industry. The film industry. It's all getting absorbed into the blob that is the locked down smartphone.

- They turn their devices into "CSAM detection dragnets" (read: five eyes, US, China, and every other entity that wants to surveil).

This is fucking absurd and it needs to stop.

We need more than two device and platform manufactures.

Apps should be at least one of: (1) portable, (2) freely installable from the web without scare tactics, (3) web should be first class / native

The device provider shouldn't be able to use their platform play to maintain dominance. The cost of switching should be zero until there are enough new peer-level competitors.

I could keep going... the status quo is a tax on the public, a tax on innovation, and a really overall unfortunate situation.

that would be nicer than the current situation where they take away 30% of your revenue

Sent from my Librem 5.

That basically makes it a non-option for the overwhelming majority of people, and it was still an issue 6 months ago.

I really want to like the Librem but it's hard to justify the price tag when you're going to have to carry another phone around with you anyway.

The battery thing is not an issue for me in practice. I carry a spare battery (they're swappable), but I never actually need it because there's USB-C chargers everywhere I go, and I made it a habit to plug it in whenever I can.

A phone should adapt to your lifestyle. You should not have to adapt your lifestyle to your phone.

Edit: Actually it did happen when I opened a Firefox tab with a heavy js and left it open with deactivated suspend, which you shouldn't do on any phone (and even then it's more than a couple of hours).

> The app doesn’t connect to any servers at Beeper itself, only to Apple servers, the way a “real” iMessage text would.

https://techcrunch.com/2023/12/05/beeper-reversed-engineered...

Since I have no control over iMessage, I would not consider it safe. It could easily be spying on me without my knowledge.

If Apple actually cared about security they'd implement an open protocol that is provably secure. Imagine if they supported something like Matrix. But that's clearly not their primary concern here. It's just a convenient excuse to maintain their walled garden.

A correctly implemented end-to-end encrypted protocol would be safe for all participating clients.

The only way to break that security is by copying messages outside the protocol in the app itself.

Neither of us knows whether iMessage or Beeper Mini does this. To bring up the possibility is to criticize both apps equally.

As long as the clients are closed source, this is a circular argument. The client itself is a vector. Not just for a good E2E implementation but for the 3rd party company to not outright steal everyone’s messages, create a backdoor, etc. You have to be willing to trust every client used in the thread.

If we must be willing to distrust one closed source client, then we ought to distrust both.

That said, I don't personally trust either of them. When it comes to matters of security, I prefer open protocols which can be proven to be secure over pinky swears from companies.

You just brought up a better word: "liability". I'll go one step further: "attack surface".

When it comes to security in software, we don't need to work with many unknowns. The unknowns we do work with are the attack surface. By presenting a greater domain of unknown behavior, closed source software effectively presents me (the user) a larger attack surface. Sure, I could trust that the extra attack surface is actually covered; but I can't know. With open source, I don't have to trust, because I can know instead.

If I am to choose between open and closed source software, then I am choosing between knowledge and trust. That is a completely different position than choosing between closed and closed: trust vs. trust. So long as any securely-designed open-source messaging app exists, iMessage is at a disadvantage in end-user security. Even if Apple can know for certain that iMessage's attack surface is not larger than an open-source alternative, we the users can't. Closed source software will always present a higher demand for trust.

Generally fair assumption. There's been some research (both positive and negative) around their E2EE claims, though AFAIK much of what's known about iMessage's E2EE guts has been learned through unofficial means. I think that for the vast majority of users, iMessage is probably safe enough.

As a user, you have the agency to choose a messenger app that better suits your privacy/convenience balance, though in fairness, I think even among users who care about privacy, many don't know how to judge privacy features and implementation details well.

Like others in this thread, I personally recommend Signal. It's widely available, easily usable, has been audited and researched a fair bit, and though it doesn't have a self-hosted option, it does have white papers out about its protocol which IMO are worth a read.

It does not.