Apple blocked Beeper to protect your iMessages, no matter what senators might claim

News
By Oliver Haslam
published

Just think it through.

Beeper Mini iMessage on Android
(Image credit: Future / Apple / Android)

You'd need to have been hiding under a rock to have missed the big news in the world of iPhones over the last week or so, but we'll run through a super-quick recap for those who might have missed it — someone tried to bring iMessage to Android and Apple blocked it. Then a senator decided to wade in and say the wrong thing

Oh, OK, we'll give you the slightly longer version.

A week or so ago Beeper started to offer a $2 per month subscription service that brought iMessage to Android devices. Dubbed Beeper Mini, the app didn't do quite as much hackery as previous iMessage-on-Android implementations, so there were no shady Mac mini servers running in data centers forwarding messages around. Instead, Beeper had found a way to reverse engineer the iMessage protocol and then hook into it as if it were a real iPhone. Or a Mac, iPad, or Apple Watch, for that matter. That meant that messages were supposedly safe and sound, something that similar alternatives from Nothing and Sunbird couldn't boast.

Except, things probably aren't quite as secure as we've been told and Apple definitely isn't going to take any risks. So it's already blocked Beeper Mini entirely, although Beeper claims that it's already working on a fix. And when it does, we can expect Apple to block that, too. That's despite Senator Elizabeth Warren getting involved, throwing a post up on the X social media platform that completely misses the point and seems to have come straight from a co-founder of Beeper himself. If you're going to be wrong, at least be uniquely wrong.

Bringing down the ban hammer

When Beeper Mini stopped working it was assumed that Apple had pulled the plug, something that it later confirmed. "At Apple, we build our products and services with industry-leading privacy and security technologies designed to give users control of their data and keep personal information safe," the company said in a statement provided to CNET, among others. "We took steps to protect our users by blocking techniques that exploit fake credentials in order to gain access to iMessage."

That final sentence is the crux of the matter, and it's clearly how Beeper Mini was working. The service pretended to be a real Apple device by providing the iMessage service with fake credentials, allowing it to then send and receive iMessages as if it were a real iPhone. But all of that is obviously against Apple's rules and, as Apple suggests, opens the door to a variety of security issues.

Beeper, for its part, claims that the way it was hooking directly into iMessage ensures that the messaging pipeline remains end-to-end encrypted. And that might well be the case. But because those messages are then being decrypted in a third-party app outside of Apple's ecosystem, the chain of custody is immediately broken. It's like saying that your home is secure because it has 5 locks and 3 padlocks. None of that matters the minute you invite someone through the door — and by allowing iMessages onto Android devices, that's essentially what Beeper Mini is doing.

So Apple blocked it. Seems fair enough, right?

'Protecting profits by squashing competitors'

Just when I thought we were done with this story until Beeper had another go at faking credentials, Senator Warren popped up with a carbon copy of a previous argument made by Beeper co-founder Eric Migicovsky. He'd previously argued that “if Apple truly cares about the privacy and security of their own iPhone users, why would they stop a service that enables their own users to now send encrypted messages to Android users, rather than using unsecure SMS?”

Migicovsky said that on Friday. Then, on Monday, we get this:

Seems .... familiar.

Ignoring the borrowed talking point for a moment, let's move on to the claim that Apple is "protecting profits by squashing competitors." Because that, frankly, is laughable.

Now let me preface this by saying that I think it would be great if Apple brought iMessage to Android. It'd make many of our lives easier. But should Apple be forced to do it? Of course not.

Apple isn't squashing a competitor by preventing Beeper from breaking into iMessage and forcing it to work on a different platform. It's stopping Beeper from accessing a service that it doesn't own, nor has permission to access, in order to then resell it for profit. That's a very different thing, and I'd like to think that a senator would be able to figure that much out for themselves. And maybe they can when they aren't just regurgitating a soundbite from the guy whose company just got found out.

This whole thing also ignores the myriad other secure messaging services that are available on iOS. WhatsApp, Telegram, and Signal are just three of them. Even Facebook Messenger supports end-to-end encryption these days.

If people who own an Android phone want to send and receive messages with their iPhone-owning friends in a secure manner, they can use those options instead. That has to be a better option than paying another company to make iMessage less secure, surely.

And if you really, really want that blue bubble, I'm sure Apple will sell you an iPhone. It has some cool features. And iMessage is just one of them. But a feature of the iPhone is all that iMessage is. And there's no reason Apple should be forced to share it.

Senator Warren will want Apple to let people install iOS on their Samsung phones next.

Just buy an iPhone

Apple CEO Tim Cook caused a stir last year when he suggested that people who want to see a blue bubble when texting Android owners should just "buy your mom an iPhone." And he's right.

Apple is making Messages work better with Android phones by adding RCS in 2024, allowing for rich media and more while finally putting a nail in SMS's coffin. But even RCS, the feature Google and Android owners have been begging Apple to implement for years, isn't encrypted.

So yeah, RCS will make it easier to send cute cat photos to your Android-toting family. But those bubbles will still be green. And that's exactly the way it should be.

More from iMore

Oliver Haslam
Oliver Haslam
Contributor

Oliver Haslam has written about Apple and the wider technology business for more than a decade with bylines on How-To Geek, PC Mag, iDownloadBlog, and many more. He has also been published in print for Macworld, including cover stories. At iMore, Oliver is involved in daily news coverage and, not being short of opinions, has been known to 'explain' those thoughts in more detail, too. Having grown up using PCs and spending far too much money on graphics card and flashy RAM, Oliver switched to the Mac with a G5 iMac and hasn't looked back. Since then he's seen the growth of the smartphone world, backed by iPhone, and new product categories come and go. Current expertise includes iOS, macOS, streaming services, and pretty much anything that has a battery or plugs into a wall. Oliver also covers mobile gaming for iMore, with Apple Arcade a particular focus. He's been gaming since the Atari 2600 days and still struggles to comprehend the fact he can play console quality titles on his pocket computer.

6 Comments Comment from the forums
  • simonmann
    I prefer the Aple walled garden, if you want in then like Tim Apple said and I paraphrase "Get an iPhone"
    Reply
  • Annie_M
    simonmann said:
    I prefer the Aple walled garden, if you want in then like Tim Apple said and I paraphrase "Get an iPhone"
    Yes Yes Yes!!! I completely agree... I prefer Apple's walled garden... in fact, I chose Apple for that very reason. I made an "informed choice" when I came to Apple and while I realize that not everyone does their due diligence before deciding on a purchase, I wish that politicians all over the globe would do their due diligence before meddling in Apple's policies!
    Reply
  • iebock
    Plain and simple the folks at Beeper Mini hacked. into Apple's system and in certain countries that is actually a felony. Given it was a hack, Apple has every right to protect their systems and that hack of a politician Liz Warren needs to shut her pie hole. Like she understands technology.l
    Reply
  • Bla1ze
    iebock said:
    Plain and simple the folks at Beeper Mini hacked. into Apple's system and in certain countries that is actually a felony. Given it was a hack, Apple has every right to protect their systems and that hack of a politician Liz Warren needs to shut her pie hole. Like she understands technology.l
    Plain and simple, no one hacked Apple's system. Nor is anything the folks at Beeper did illegal.
    Reply
  • Wotchered
    I would prefer to remain within the garden, thank you very much ! In fact a couple of feet on the wall wouldn’t hurt.
    Reply
  • naddy69
    "Plain and simple, no one hacked Apple's system. Nor is anything the folks at Beeper did illegal."

    Unauthorized access via fake ID is not illegal? So if I present a fake ID to the guards and gain entry into the Pentagon, I won't be in any legal trouble?

    This is exactly what Beeper did. Presented a fake ID to get into Apple servers. That is the very definition of hacking into a system. If you were legally authorized you would not be creating a fake identity, would you?

    Rest assured that if the fools behind Beeper do this again, there will be legal action from Apple.
    Reply