In the latest chapter of blue bubbles versus green bubbles, Apple has blocked access to iMessage from credentials masquerading as Apple in order to protect its customers, the company told CNET on Saturday evening. This comes after companies like Beeper and Nothing released Android apps that had provided a workaround.
The iPhone maker said that it cannot verify messages sent via “unauthorized” means that were posing as valid Apple credentials. Messages sent over iMessage have end-to-end encryption to ensure that no one but the sender and recipient has access. Apple said that it blocked these “fake credentials” in order to protect its customers.
The move comes less than a week after the company Beeper reversed-engineered iMessage access so that people using Android or Windows could use the service and send iMessages from non-Apple devices. Messages sent to an iPhone owner that would normally show up as green bubbles from an Android user over SMS, showed up as blue if sent from the Beeper Mini Android app.
“At Apple, we build our products and services with industry-leading privacy and security technologies designed to give users control of their data and keep personal information safe,” Apple said in a statement provided to CNET. “We took steps to protect our users by blocking techniques that exploit fake credentials in order to gain access to iMessage.”
To maintain end-to-end encryption, Apple can’t verify these messages sent through masquerading apps as having valid credentials.
“These techniques posed significant risks to user security and privacy, including the potential for metadata exposure and enabling unwanted messages, spam, and phishing attacks,” said Apple. “We will continue to make updates in the future to protect our users.”
Beeper Mini users took to Reddit on Friday to share that they couldn’t send or receive messages using the app. Some speculated that Apple was blocking them. Beeper co-founder Eric Migicovsky did not confirm the cause of the outage to CNET, but said the app experienced “overwhelming interest.” Migicovsky suggested the possibility that Apple may have blocked Beeper’s access. Turns out he was right.
All this follows Apple’s recent statement that it would adopt the RCS texting standard in 2024.
This is a developing story.
Source : https://www.cnet.com/tech/mobile/apple-took-steps-to-block-access-to-imessage-using-fake-credentials/#ftag=CAD590a51e