• sparky@lemmy.federate.cc@lemmy.federate.cc
    link
    fedilink
    English
    arrow-up
    3
    arrow-down
    1
    ·
    11 months ago

    Former Apple engineer here. This architecture isn’t ideal if you intend the service to be portable - but we didn’t! Knowing the messages can only originate from a sealed application on a first party device eliminates a whole class of spam and security problems.

    Beeper’s implementation spoofs Mac keys and requires you trust them with your Apple ID credentials if you want to be able to take full advantage of iMessage.

    It’s just pointless. A huge security risk for Apple users and to zero benefit for Android users. Let Apple implement RCS as they promised and move on. Isn’t everyone on Telegram or WhatsApp anyway…?

    • rdri@lemmy.world
      link
      fedilink
      English
      arrow-up
      1
      arrow-down
      1
      ·
      11 months ago

      but we didn’t!

      Well maybe that was a mistake.

      Knowing the messages can only originate from a sealed application on a first party device eliminates a whole class of spam and security problems.

      It conveniently appears to also eliminate some amount of responsibility. Seriously? Was it not known that it’s possible to debug even 1st party apps? Was it not already obvious that walled gardens are only good before they got cracked?

      A huge security risk for Apple users

      I wish engineers would stop using the word security just because they like it. Apple should try to prevent threats like pegasus instead of telling everyone that blue bubbles are a security risk.

      and to zero benefit for Android users

      Yeah, it’s more useful for apple users so they wouldn’t need to resort to unencrypted messages when talking to Android users.

      Let Apple implement RCS as they promised and move on. Isn’t everyone on Telegram or WhatsApp anyway…?

      Heh. I wish to see apple say the same in their statement of decision to shut down iMessage.

      It’s just pointless.

      Yeah. Apple doesn’t understand the community concerns, it only understands court decisions. Though sometimes these two have some connection.