Mobile app developer Beeper launched a safe way to use Apple’s iMessage on Android devices through an app called Beeper Mini. Apple, however, has quickly shut down the app by cutting off its connections to Apple servers citing security concerns.
Here is what Apple said in response to Beeper Mini’s shutdown:
We took steps to protect our users by blocking techniques that exploit fake credentials in order to gain access to iMessage. These techniques posed significant risks to user security and privacy, including the potential for metadata exposure and enabling unwanted messages, spam, and phishing attacks. We will continue to make updates in the future to protect our users.
Beeper Mini utilized a unique service to access iMessage by leveraging Apple’s push notification system. Essentially, all iMessage communications are transmitted via this protocol, which Beeper Mini intercepts to reroute messages to your device.
For this process to work, Beeper Mini had to deceive Apple’s servers into believing that it was communicating from an authentic Apple device, which was not the case. This deception involved the use of “fake credentials,” as referenced by Apple.
Beeper says that this process works without compromising anyone’s security and the company’s documentation says that no one other than users can read their messages.
Apple is unable to confirm the safety of this method and has expressed concerns about the potential risks it poses to users and their contacts.
There’s a broader context to consider as well. Apple has consistently shown reluctance to extend iMessage to Android users. For instance, CEO Tim Cook, responding to an inquiry at the Code Conference about messaging an Android device, suggested “Buy your mom an iPhone.”
Additionally, while Apple’s executives have considered developing Android versions of iMessage, they ultimately decided against it, fearing it might negatively impact iPhone sales. Although Apple has announced plans to adopt the cross-platform RCS messaging protocol, the specifics of this implementation are still unclear. It’s expected that Apple will continue prioritizing enhancements for native iMessage users.
Beeper, on the other hand, has announced that it’s working on a fix for the Beeper Mini app, which is still not working at the time of writing. Founder Eric Migicovsky also responded to Apple’s move to shut down Beeper Mini, saying that if Apple truly cared about user security and privacy, it wouldn’t be using insecure SMS.