Beeper reverse-engineered iMessage to bring blue bubble texts to Android users::The push to bring iMessage to Android users today adds a new contender. A startup called Beeper, which had been working on a multi-platform messaging

  • pitninja@lemmy.pit.ninja
    link
    fedilink
    English
    arrow-up
    4
    ·
    1 year ago

    By that logic, there’s nothing guaranteeing iMessage on iPhones is secure or private either because it’s closed source. If you don’t want to trust Beeper mini, you’ll be free to run their iMessage bridge on your own Matrix stack when they open source it at some point, which they’re promising to do (and you still won’t know that Apple isn’t scraping your messages on the iOS side). When I decide to trust a company, it’s because I look at what they’re transparently communicating to their end users. Every indication is that they are trying to get out of the middle of handling encrypted messages. Their first move to make this happen was allowing people to self host their own Beeper bridges (which you can still do with Beeper Cloud if you prefer and you will know that your messages are always encrypted within the Beeper infrastructure). They aren’t going to release the source for their client ever because that’s the only way they make any money.

    • LWD@lemm.ee
      link
      fedilink
      English
      arrow-up
      3
      arrow-down
      1
      ·
      1 year ago

      I tend to trust actual open source projects over closed-source ones. Beeper Mini is closed source. And Beeper is a separate app not really relevant to this discussion.

      • BearOfaTime@lemm.ee
        link
        fedilink
        English
        arrow-up
        2
        arrow-down
        1
        ·
        1 year ago

        You should read the docs. It’s impressive.

        I get where you’re coming from, but after readinhow badly security is implemented in iMessage frankly I trust the Beeper devs more than Apple.

        Get this, iMessage delivers the AES encrypted message in a package with the AES key, that package is encrypted with your RSA key.

        iMessage lacks forward secrecy. So if anyone ever got your RSA key, they could read all your messages, including past messages, because your RSA key never changes!

        • LWD@lemm.ee
          link
          fedilink
          English
          arrow-up
          2
          ·
          1 year ago

          I can’t trust Beeper more than Apple on one major technicality… Trusting them requires trusting Apple, at least for now. And I question why I had to sign in to their Mini apps with a Google account.

          I’m impressed by the reverse engineering, but hey maybe they could introduce some good encryption on the side for their potentially expanding user base. And probably integrate their two apps… Unless they already basically have.