Apple today confirmed that it took steps to shut down the functionality of Beeper Mini, an app that enabled Android users to send and receive iMessages.
Apple emphasized its commitment to user privacy and security, explaining that the move was necessitated by the potential risks Beeper Mini's techniques posed, including metadata exposure and susceptibility to spam and phishing attacks. Apple's full statement shared with The Verge and other news sites is as follows:
Beeper Mini operated by intercepting the iMessage protocol using Apple's own push notification service, convincing Apple's servers it was an authentic Apple device. This method, according to Apple, involved the use of "fake credentials," which posed significant security and privacy risks to users. Beeper claims that its process worked with no compromises to encryption or privacy, and the company's documentation says that nobody can read the content of sent messages other than the sender and its recipient, but Apple was unable to verify this and says it posed risks to users.
Following Apple's statement, Beeper CEO Eric Migicovsky expressed his willingness to cooperate with Apple for a security review of Beeper's code to The Verge. He emphasized the importance of secure communication channels between iPhone and Android users, challenging Apple's decision by highlighting the inadequacies of unencrypted SMS for cross-platform messaging. Despite Apple's firm stance, Migicovsky remains committed to exploring solutions that could enable the return of Beeper Mini or similar services.
Source: Macrumors