Beeper reverse-engineered iMessage to bring blue bubble texts to Android users::The push to bring iMessage to Android users today adds a new contender. A startup called Beeper, which had been working on a multi-platform messaging

  • Fades@lemmy.world
    link
    fedilink
    English
    arrow-up
    3
    arrow-down
    17
    ·
    edit-2
    1 year ago

    In exchange for security loss, is it really worth it?

    Edit: the downvotes are very expected. You people need to lean about why this is important

    https://www.androidauthority.com/beeper-app-opinion-3345142/

    First, the elephant in the room needs to be addressed: security. In Beeper’s start-up guide, the first thing you see is a huge alert box: “Beeper may be less secure than using encrypted chat apps by themselves.” Fundamentally, there’s no way to fix this. To use any of the chat apps, you need to link Beeper to that service using your credentials, which is inherently more insecure than logging into the app directly. Beeper is quick to defend itself by pointing out its robust privacy policy, its ethical business practices with a user-centered focus, and its use of end-to-end encryption (E2EE). However, that doesn’t protect your credentials from hackers that could gain access to Beeper and send your grandma a message through WhatsApp pretending to be you and asking to wire $1,000 to an account in China.

    More in depth: https://www.reddit.com/r/beeper/comments/13hhx9e/transient_key_retention_a_suggestion_to_solve/?rdt=61709

      • Fades@lemmy.world
        link
        fedilink
        English
        arrow-up
        1
        ·
        edit-2
        1 year ago

        These: https://www.androidauthority.com/beeper-app-opinion-3345142/

        First, the elephant in the room needs to be addressed: security. In Beeper’s start-up guide, the first thing you see is a huge alert box: “Beeper may be less secure than using encrypted chat apps by themselves.” Fundamentally, there’s no way to fix this. To use any of the chat apps, you need to link Beeper to that service using your credentials, which is inherently more insecure than logging into the app directly. Beeper is quick to defend itself by pointing out its robust privacy policy, its ethical business practices with a user-centered focus, and its use of end-to-end encryption (E2EE). However, that doesn’t protect your credentials from hackers that could gain access to Beeper and send your grandma a message through WhatsApp pretending to be you and asking to wire $1,000 to an account in China.

        More in depth: https://www.reddit.com/r/beeper/comments/13hhx9e/transient_key_retention_a_suggestion_to_solve/?rdt=61709

        • Stephen304
          link
          fedilink
          English
          arrow-up
          5
          ·
          1 year ago

          That’s about beeper, not beeper mini. Mini was just launched, that’s older information that only applies to the MITM version (beeper which is now beeper cloud).

          Beeper mini talks directly to the services you use, no MITM, which is why they plan on adding more services to mini until it can replace the older Beeper (cloud).

        • drislands@lemmy.world
          link
          fedilink
          English
          arrow-up
          2
          ·
          1 year ago

          My understanding is that this absolutely applies to their previous iterations, but not this – there’s no authenticating with your Apple ID, for example. It’s sending and receiving iMessage data directly between the Apple servers and your device, now.