isn't Facetime already can be use on android? like users can't place a facetime call but they can receive the call to answer?
Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Apple Puts a Stop to Beeper Mini's iMessage for Android Feature
- Thread starter MacRumors
- Start date
- Sort by reaction score
You do have a valid point mate. Or why not consumers can buy both Devices.
Im jumping to Samsung next month, i dont pay for Apple services and barely use imessage.
i believe the only thing i will miss is Airdrop but since i also own an ipad pro, it wont be a such a big deal.
Eventually is doing a lot of work here. RIM was fiercely protective of BBM until they were confronted with a collapsing market share and millions of unsold devices year after year. Blackberry in 2009 held a 20% market share but by 2013 (the year the BBM app was released), it had fallen to 1-2%. A truly spectacular fall.
“Opening” BBM was a last ditch attempt to turn their former crown jewel into a services pivot that ultimately failed as it was done far too late. The BBM Messenger shut down in 2019 but was already utterly forgotten by most.
BBM vs iMessage is an interesting thought experiment, but the realities of the two companies could not be more different.
The average user is not going to pay $99 to sideload.
Apple users do pay for apps more than android.
Android users do pirate apps more lol. It’s a known fact.
I am a software engineer and I implement and integrate security-related functionality (authentication, authorization and encryption) on daily basis. My understanding is you're also a security engineer, so I guess we're on the same page.
I am asking a question, not making a statement. The question is: was it possible to authenticate with either Apple ID or phone number and not both? Because if that is the case, then one can use a spoofed phone number of an existing iMessage user and thus be successfully authenticated (hence trusted). If that was/is the case, that's a serious security breach.
And the above has nothing to do with the encryption of the communication. As we are all aware, each device with the same Apple ID will receive iMessages that are sent to that Apple ID. So, if the server would trust a new device and link it to an Apple ID based on phone number match, the E2EE doesn't matter, the spoofing device would already receive data that is not destined to it, hence that can as well be called "interception".
Have fun samsung is terrible
Every time I see someone making that comparison I’m like did you really compare a dying Company to a trillion dollar company lol
iMessage largely runs directly atop Apple's push notification service (APNS), which has absolutely massive capacity, sending tens if not hundreds of billions of push notifications daily. It's used to send all push notifications from all apps to all devices. Given that push notifications are table stakes for a smartphone, it's not like Apple has any choice but to continue offering APNS.
At that scale, I'm skeptical that offering iMessage to Android users in and of itself — that is, excluding indirect costs such as lost hardware sales — would bring any noticeable expense to Apple that it's not already spending. But Apple's goal is to make more money, not the same amount or less, and finding an upside for Apple to offer iMessage to Android users is the tricky part, especially for free but maybe even as a paid service.
Fair enough, and tbh I dont know on how the reg works, I’m curious though and I’ll dig into the PoC later, when I’m actually at a computer, to see. My bet is either option is ok to register a device on the directory/relay/etc servers and then after key generation and exchange with the servers it’s authed to some form of generated and encrypted deviceid and then linked to an internal userid. To add multiple devices maybe in absense of appleids it reverts to already added device auth (which would make sense given how if you route that through the next layer in appleids that would explain the prompts we get on already added things after a device is added or hasnt been used in a while (key rotation there I assume)). That’s how I’d do it anyway
It’s very simple. They know people like me would keep their Macs but ditch their iPhones if it was easier to use iCloud ecosystem cross platform.
No, authentication requires an Apple ID. There’s no way to authenticate solely with a phone number.
Beeper advertised that you “don’t need” an Apple ID to start using it, but that’s not true, just like it’s not true that you don’t need an Apple device.
Authentication with the server requires both. They referred to pypush to explain how they’re doing it without an Apple device (i.e., using a spoofed serial number to pretend it’s an Apple device), but they’re very tight-lipped on how they’re doing it “without” an Apple ID.
I think the reason why they’re tight-lipped about it is because of legal reasons since all signs point to them creating an Apple ID in the background, which would be a violation of the terms of service.
The fact that phone number alone isn't sufficient to authenticate is consistent with what Beeper says. If you want to access your iMessages on Beeper, the ones sent to your phone number, you need to log in with your Apple ID.
As for E2EE, you seem to misunderstand how it works when multiple devices receive iMessages. It's not the server trusting another device, it's your authenticated devices trusting another device. The server just facilitates the process.
When you sign up with your first device it creates an E2EE public-private key pair, the public key is registered in a directory of sorts.
Everytime someone sends you a message their device looks up the public key to encrypt the message, and your device then uses its private key to decrypt the message.
When you then want to add another device you need to authorize this on your first device and the new device repeats this process, from then on, when someone sends you a message two copies are made, encrypted with the respective public keys for the two devices and sent to the two devices.
When you add more devices, this process is repeated for each device.
So let's say I've got 12 devices, then when someone sends me an iMessage, their device will look up the 12 public keys, encrypt the message 12 times with those public keys and send it off to my 12 devices.
I have a feeling given sales numbers if anything they’d be more worried about the opposite, or about people just plain ditching their iphones. This isnt early iphone days, there are a *lot* more people with iphones and either no computer or a windows machine than there are folks who only bought an iphone because they had a mac. Phones are more and more folk’s primary computing devices
For the most part jinx
. We simulposted basically the same thought process (though yours is more authoritative since it seems you’ve actually looked at the PoC already )I do care because I need to know if the I have I message so I can send other stuff like locations, games and thinks like that.
Thanks for your question!
RCS is not a real solution to the problem.
Hope this helps!!
Sir we are talking about a chat app. You are making it way more complicated than it needs to be.
I think it might be time for the EU to shut Apple down
Man, it hurt to read this exchange between you two. I just don't understand how anyone can be so oblivious. You express your dislike for Android—fair enough—and he expresses his like for it—also fair enough—and that was it. I don't know if you were reading between the lines for something that just wasn't there or what, but there really wasn't any subtext to his comment.
And you respond to this otherwise normal-thus-far conversation by… making condescending jokes… because he likes a different phone platform than you. Then you go on to make critical remarks about how smug and hypocritical and fanatic Android users are… when the only one being smug—and as a result, hypocritical—was you.
Last edited:
I’m not sure that’s entirely correct because the max size of data you can encrypt with an RSA key (public/private key) is less than the key-size (for instance with a 128-bit key i.e. 16 bytes, you can encrypt 11 bytes) , so it’s not used for regular data encryption. The RSA public/private key is used to exchange a symmetric (e.g. AES) key which is then used by both parties for the actual communication encryption.
With the above in mind, I highly doubt it there are separate public/private keys (and then symmetric AES keys) for each registered device under the same Apple ID since it would be an overkill. Unless you’ve read Apple doing it but I am not aware of such a document.
I’d rather say there’s only one public/private key per Apple ID and the private key stored on one device would securely be shared to any new device (without the server being able to decrypt it, so it still stays E2E) and consequently the clients would also exchange the session AES keys with the server relaying one and same encrypted data to all of them instead of expecting for each of them to establish a connection with the rest. That would be an overkill, again.
I don't understand this part. We've been able to use iMessage on an iPhone without an Apple ID since the day iMessage launched, and still can.
Really goes to show how desperate Apple is if they really need a messaging app to be a system seller
People need to stop bundling 'Android users' as a whole into this whole drama. All countries except the US saw through the dictatorship Apple is doing here and moved on to WhatsApp, Telegram, WeChat a long time ago.
It's time consumers in the US wake up and stop being willing slaves of Apple like the rest of the world.
It's time consumers in the US wake up and stop being willing slaves of Apple like the rest of the world.