A clever new app that briefly connected Apple’s secure iMessage texting system and Google’s Android message service was effectively blocked by Apple just days after launching.
The US$2-a month Android app Beeper Mini had lofty goals.
Back in 2020, Beeper founder Eric Migicovsky explained his idea: text communication between different devices and different platforms should be all about human communication, but the tech simply wasn’t living up to expectations. Apple’s iMessage and Google’s system for Android are, for example, incompatible with encrypted messages.
To send messages between two systems, encryption is stripped away, and the messages are sent as insecure legacy SMS texts. That’s the problem; the technology itself, Migicovsky said, “needs to fade into the background, so I can simply chat with my friends, family and work colleagues”. The idea was that a third-party provider could create a way for people to send messages regardless of any underlying technology conflict.
Beeper Mini launched early last week, after the company’s several earlier attempts to facilitate secure cross-platform messaging. The new app seemed like it had achieved Migicovsky’s goals.
The app let encrypted messages pass between Apple’s and Google’s systems without Android messages appearing as unsecured “green bubble” texts on Apple screens. (This ongoing controversy may have been overblown by Android industry players like Samsung.)
Beeper cleverly reverse engineered some of parts of Apple’s popular secure iMessage systems and didn’t require users to sign into an iCloud account to make it work. This is a controversial trick that some rival cross-platform messaging services use, and it’s rife with security risks for users who effectively hand over the keys to their precious data to a third party, opening themselves up to hacking risks and more.
Beeper Mini, Migicovksy explained to The Verge, was actually secure, and he felt that Apple would have no grounds to block it because it didn’t incorporate any code stolen from Apple.
Apple almost immediately closed the tech loophole that Beeper exploited, effectively killing the app.
Beyond the squeeze on a small startup, the clash epitomised the bigger regulatory backdrop behind Migicovsky’s identifying and solving a technological security issue. Apple remains very protective of its iMessage system, often touting its user privacy-protecting end-to-end encryption.
This protective stance has drawn regulatory scrutiny, as European Union officials argue that Apple is too protective of iMessage, and demand that the tech behemoth unlock the door to iMessage secure technology, and incorporate a rival service called RCS.
This system is supported by industry competitors like Google who say that Apple’s adoption would mean inter-platform messaging would be seamless. Apple has partly capitulated, but remains extremely vigilant about its proprietary tech.
On Friday, Apple shut down Beeper Mini. A company statement made no reference to Beeper but said Apple had taken “steps to protect our users by blocking techniques that exploit fake credentials in order to gain access to iMessage. These techniques posed significant risks to user security and privacy” including serious threats like exposing personal data and opening users to risks of phishing and scams.
That Beeper could open up a prestigious system’s users to risks would seem to fly in the face of Apple’s own closely-held security and privacy principles.
The move was not without controversy, and attracted the attention of Senator Elizabeth Warren, who posted on the matter on X (formerly Twitter). “Green bubble texts are less secure. So why would Apple block a new app allowing Android users to chat with iPhone users on iMessage?” she asked, adding “Big Tech executives are protecting profits by squashing competitors.”
While it highlights security problems with Apple’s rivals’ messaging services, Warren’s tweet does support the idea behind Beeper Mini – that messaging “between different platforms should be easy and secure”.
However, it’s worth remembering that Apple’s iMessage runs on its own servers, and that it doesn’t charge users extra for the service. One view of Beeper’s business model holds that the renegade company was charging US$2 per month for Android users to leverage systems that then ran on Apple’s servers – without Beeper having to pay Apple a penny.
This David-versus-Goliath story (where “Goliath” is one of the most valuable companies in history) has more to it than green and blue text messaging bubbles and seamless, secure messaging.
That’s worth remembering when a startup’s plans involve innovatively back-engineering someone else’s expensively developed technology. – Inc./Tribune News Service