• penquin@lemmy.kde.social
    link
    fedilink
    arrow-up
    95
    arrow-down
    4
    ·
    1 year ago

    They use a Mac mini somewhere to route these messages. So you’re logging into that Mac mini with your iCloud credentials. Sounds like a privacy/security nightmare and creepy as fuck.

    • decodehug647
      link
      fedilink
      arrow-up
      14
      ·
      1 year ago

      It seems like all efforts to “bridge” imessage to anything outside apple software work this way - there’s a Matrix bridge and a dedicated open source app and they both rely on the imessage client on a mac. Is there a legitimate reason for it not being reverse-engineered yet?

      • GamingChairModel@lemmy.world
        link
        fedilink
        English
        arrow-up
        22
        ·
        1 year ago

        Is there a legitimate reason for it not being reverse-engineered yet?

        The actual protocol isn’t a secret. It’s that the authentication of the device relies on a hardware key, and that key is fully locked down by Apple (as it also secures the user’s biometric logins, keyring, financial information in Apple Wallet, etc.).

    • EvokerKing@lemmy.world
      link
      fedilink
      English
      arrow-up
      2
      ·
      1 year ago

      I use beeper (a version of these apps that is actually released but kinda shit) and it’s perfectly fine. Their solution would be better because it runs locally on the phone, however it’s only on supported phones which is most likely just nothing phones.