• 0 Posts
  • 49 Comments
Joined 9 months ago
Cake day: August 16th, 2023

  • Ok, I’m sorry but this comment and this thread is just all over the place.

    Beeper wasn’t doing MiTM attacks. They weren’t hijacking messages.

    That we know of. Oh, and they’re literally a man in the middle, someone the user shouldn’t expect is in between the data they’re sending. Okay, I’ll give you that the middle is squishy here because it’s really when it’s decrypted on the client, but still…

    They functioned and behaved as a legitimate end point.

    Which, they weren’t. They were spoofing credentials and accessing a system without authorization from the system owner. It doesn’t matter if Apple left a hole in the system. Hell, they could have set the password to be ‘12345’; it’s still probably a crime, at least, based on this list of crimes:

    having knowingly accessed a computer without authorization or exceeding authorized access

    The whole thing basically reiterates over and over that just because you technically have access, that doesn’t mean you are permitted.

    While I agree Apple should have some control over their network.

    Okay, makes sense.

    Which they clearly don’t in any way that matters.

    How many iMessage breaches has Apple had?

    The control they’re exerting shouldn’t be allowed.

    The “control” is discovering that someone else made a copy of the key to their locks. If I told you that I now have a copy of the key to your house (but trust me bro, I’m only going to use it like you would, which means using your shit and selling your food to others) oh, and that now basically anyone has a copy of the key to your house, would you change the locks?

    As long as beeper were behaving, which they were.

    Which they were?! They literally are using fake credentials, accessing a system without authorization, using the infrastructure including the real costs of said infrastructure.

    Secure messages are sent and received from all manner of platforms regularly without issue. No Apple required

    Welp, you’ve just provided the closing arguments for Apple’s lawyers and any sort of monopoly concern.





  • I just want to pause here and say that this kind of thing, much like basically any bumper sticker ever, is stupid as fuck and I hate it. Whether it’s my dumb fucking cousin saying “Killary” or equally annoying mouth breathers talking about “Drumpf.” Like, I’m as atheist as the day is long, and holy shit does it make the parent comment annoying to read. Your super great “hillary lied, people died” bumper sticker, the “honk if Trump should go to jail,” just all of it. It sucks, I hate it, it’s the laziest form of persuasion (spoilers, it’s persuading no one, it’s just pissing off the people you want to convince.) Oh you didn’t capitalize the ‘g’? Well fuck it’s me the pope, let’s peace out and go get tacos this Jesus thing was dumb anyway.



  • I think you’re conflating two different things when it comes to my comment. While I can agree in spirit, and were someone to release a FOSS version of this that did the same thing, I’d go right along with you on the whole “hacker spirit” thing (like the kid who wrote the original exploit and put it up for free on GitHub), but that’s not what is happening here. This:

    Enabling interoperability in purposely walled gardens for the overall greater good of the Internet?

    is not what’s happening, this is Beeper just trying to make money basically selling fake IDs so you can get into the club, and the whole “uwu I’m a wittle startup don’t hurt me Apple” is just marketing spin for what I have to imagine was the rather insane assumption on the part of Beeper that they thought they found something that was unpatchable, and/or that they could somehow publicly pressure Apple to not sue them out of existence for what is potentially a crime (laws against hacking usually don’t give a shit about the method you use to breach a system, just whether that use is authorized, which this is clearly not.) Apple has reasonable claim to financial damage as well, since Beeper is using Apple’s servers/bandwidth without approval or compensation. Charitably, Beeper might be hoping that this gets the attention of regulators and they’ll legislate opening it up, but that ship has sailed in the EU, and the legal argument for doing it in the states is “we don’t like green bubbles,” so I wouldn’t hold my breath, and even then, assuming there is a will in the legislature to do this, I have a hard time seeing how Beeper stays funded long enough to see that law pass.

    Anyway, I am not saying this because I personally don’t want to see iMessage on Android (realistically I’d like the RCS standards body to get their head out of their asses and relegate iMessage and the various Facebook messengers to irrelevance) what I am saying is that Beeper trying to pretend to be a real business is laughable. Like, this is the type of product I would expect to buy in an alternate App Store with bitcoin or something, not something I would expect a real business to release on purpose with all of the fanfare and 100k’s of downloads. It’s the technical equivalent of putting up a stand in front of Costco advertising that you’re going to print and sell fake cards so you can get into Costco, and you’re going to do that by plugging your printer setup into Costco’s power to do it. oh, and then when Costco cuts off power, you run an extension cord over to a different outlet. Like, you can argue that you think Costco should do away with membership, but we all see what an insane business plan that would be, right?

    edit: This is a really good article from the Verge on the whole thing, but I’m afraid it’s more nuanced than “Apple BAD!” so ymmv.



  • While it’s not mostly about security, and I generally agree that Apple’s dickitry with regard to iMessage should end (they’d be doing a solid in the US to just release an Android client and monetize via sticker packs or something like it), there is most certainly a security risk for Apple to allow a reverse-engineering of their spec to spoof real iPhones, which is how Beeper works:

    pypush is a POC demo of my recent iMessage reverse-engineering. It can currently register as a new device on an Apple ID, set up encryption keys, and send and receive iMessages!

    Now, your quote and the others in this thread:

    Beeper didn’t find a security hole, nothing was compromised for Apple.

    They sure as fuck did, lol. iMessage isn’t public, it’s not intended to be used by anyone other than Apple, and the bandwidth and servers are not free. It’s not as if every iMessage isn’t going through Apple’s servers; they’re paying for it. Though they didn’t find a technical hole like a zero day or compromise iMessage for customers, they absolutely found a security concern for Apple. If you walk into your house, find your neighbor there grabbing a couple of eggs out of the fridge, and they hand-wave it away and say “don’t worry, I didn’t break a window, I just figured out you keep a spare key under the mat, and also I’m going to use these to make cookies for the block party and I’m not going to charge a lot for them, and only you have these eggs from your chicken, you’re hogging them!” you’d kick them out in a hurry and probably call the cops.

    So two things:

    1. We can absolutely be mad at Apple for the lock in effect of iMessage, there were some leaked emails a while ago that confirm what we all know, this is just there to prevent buying your kid a cheap android phone. Personally, I think if Apple was serious about keeping their customers secure, they’d either release an Android client or better, just make sure that the minimum spec for RCS supports E2EE for wide adoption. They can still have a more robust platform with iMessage, and it’s still going to integrate with Apple shit in a way that only they could do.
    2. Anyone, anywhere, who thought that this was a viable business for Beeper has lost their fucking minds. Their model was basically “trust me bro, we’re going to socially pressure Apple and that’s going to totally work” and while it sounds like they’re back up for now, it will be extremely surprising if it stays that way longer than another week or two. It would be akin to someone launching a business being like “well, we didn’t hack Microsoft/Google/Facebook, but we’re planning on hosting a bajillion users on their backend for free without their approval.”



  • There is truth in what you’re saying, but I think it’s missing a lot of nuance especially when it comes to why a lot of the things you’re saying are true. A few quick things:

    instead of going with DOS

    Apple developed the original Mac OS to be the first major GUI OS, and MS was left struggling to catch up. Going with DOS would have been a major step back, and set computing back significantly.

    always been isolated from the PC ecosystem.

    which was originally more to do with IBM than Apple.

    You could barely read PC files, and most PCs couldn’t read Mac files without external software until Apple changed to Mac OS X in 2001.

    This was less because Apple wanted it to be that way, and more because Microsoft wanted it that way. The reason things switched in 2001 isn’t specifically because of OS X, it’s because Apple did a deal with MS in '99 or so (and MS only did it likely to avoid more regulatory scrutiny after losing an anti-trust case) and part of that deal was more interoperability. Apple had advertising campaigns basically saying “don’t worry, you can switch to Mac and bring your files with you.”

    They’re doing nothing different from when they started.

    This is also true, but again misses a crucial piece of context - they do it that way because they think it’s generally better and makes better products, and I think you’d generally have to be pretty unstable to argue otherwise. Think about snapshots in time - in the 80’s when it was DOS and original Mac OS. Do our computers look and work like DOS or Mac now? Compare modern laptops to a '94 PowerBook or whatever was on the PC market. The modern phone and the modern OS compared to what came before iPhone. Or take a gander at what Android looked like pre/post iPhone announcement (spoilers: it was a BlackBerry knock-off instead of an iPhone knock-off.) Even Windows today looks and acts more like macOS than it has since probably the 3.1 days.

    Even some of the more seemingly shitty decisions follow this pattern. Remember, iMessage came out at a time when messages cost either $5-20 for what would now seem like an absurdly small block of messages a month or $0.10 a message. Its initial value prop was that it was stupid to pay that much, and if you bought an iPhone you could cut your bill way down. Or Lightning instead of micro USB. Micro USB couldn’t fulfill all of the functions Lightning could, and it’s a worse connector for a lot of reasons.

    I mean, that said, iMessage was definitely designed to keep you on iPhone and it’s being deliberately used as lock in, and there are plenty of other shitty things about Apple (like any other corp) but the virulence with which people hate it is often just because they do not get it any more than I see people mindlessly bash Linux usually with insults that haven’t been true since 2006.



  • Def agree that the vast majority don’t care about E2EE (though that’s probably growing with more news articles like that one where they went after someone for abortion and got their Facebook messages to prove it). I think it’s less about blue/green and more about how shitty the interop is. I don’t know anyone who is like “I won’t talk to green bubbles,” but I know plenty who get annoyed when it fucks up the group chat or either side is stuck looking at a postage-stamp sized grainy image (if it even gets delivered.) Really, really blows that the predominant message services in the states are Apple-only iMessage, owned by Facebook, or SMS. I’m over 30, so I am not on Snap and most of my friends aren’t, I refuse to use Facebook products, so we’re stuck with SMS.


  • Most of the “physical” media games are just launchers to download a copy anyway. Modern gaming outside of GOG or places that allow you to download DRM-free, fully offline-functional games (at least for single player) is the only thing I would consider when thinking about whether you “own” the media. But with the most popular methods for getting games through Xbox, PlayStation, or PC (Steam, Epic, etc.), you only “own” it as long as the company continues to allow it.

    I mean, even like 10 years ago when I bought a PS4 for Christmas for our kids, it was a pretty fucking disappointing Christmas Day because opening the console you have to update before you can use it, and none of the discs we bought were actually playable without gigs of downloads. I don’t think anyone got to play anything until like 9pm that day.


  • Discord has gotten much worse about pushing Nitro everywhere, and I can’t be the only one that sees it more than just on launch.

    Can’t find information?

    Right. Discord itself is another silo, and a public forum is going to be better for just about any non-ephemeral type of info (pretty much everything Discord gets used for that is not messaging.) There are a lot of communities that decided with the fucking of reddit to move to Discord, which just changes which silo the info is at, and in this case is less accessible because it’s not publicly searchable, indexable, etc. Things like the Internet Archive exist for a reason and have massive utility, and they can glean nothing from Discord. If Discord dies, so dies all of the info with it.

    Bloated?

    Discord, and like basically all of the modern Electron messaging apps (Slack’s probably hiding in a corner trying to avoid getting noticed in this conversation), are massively bloated. These are basically ridiculously overgrown IRC clients, which we had back in 1998 and which cover about 90% of the functionality of Discord, except those IRC clients used to run in single-digit MBs of RAM, CPU use was basically negligible, and they launched more or less instantly. Can’t launch Discord on either an M1 MacBook or my i9 PC without it taking long enough to load for me to grab a coffee.

    Anyway, Discord’s original intended use of like realtime conversation is fine, but yeah the clients are garbage and as a replacement for reddit/lemmy/other forum software, it’s just choosing the wrong tool for the job. Even for the use cases it does have, it’s been a solved problem since the 90’s, but those solutions didn’t allow for some tech bros or VCs to make a bunch of money. It’s always been amazing to me that either Discord or Slack even have a business model.

    Oh, and personally I find Discord in particular atrociously designed, and Slack not much better. How either handles threading is enough to make me not want to bother with threading, for example. Discord is fantastically ugly also imo.