• GenderNeutralBro@lemmy.sdf.org
    link
    fedilink
    English
    arrow-up
    175
    arrow-down
    1
    ·
    1 year ago

    They’ve stated that they are using Mac minis as relays. They claim that they do not store messages or credentials, but I don’t see how that’s possible if it relies on a Mac or iOS relay server that they control.

      • 𝕽𝖔𝖔𝖙𝖎𝖊𝖘𝖙@lemmy.world
        link
        fedilink
        English
        arrow-up
        3
        ·
        edit-2
        1 year ago

        If it’s anything like Beeper 's Matrix bridge then it’s E2EE Matrix encrypted between your device and the bridge server and then using Apple’s iMessage encryption between the bridge server and Apple/the other user.

        The weak point is always going to be the bridge software as by necessity the message must be decrypted there to re-encrypt for iMessage.

        At least in Beeper/Matrix the bridge software is open source and one can host their own bridge while continuing to use the existing Beeper/Matrix main server.

        Doing so gives you no-trust security since the Beeper/Matrix host cannot decrypt the messages between you and the bridge you control and rubbing your own bridge eliminates that weak point.

      • SHITPOSTING_ACCOUNT@feddit.de
        link
        fedilink
        English
        arrow-up
        0
        ·
        1 year ago

        They might be able to relay them in a way that the end to end encryption is actually handled on the phone and the relay only relays encrypted messages.

        That would likely still give them a capability to MitM but it’s plausible that they couldn’t passively intercept the messages.