Beeper's iMessage Fight With Apple Has Blown Up Into a Debate Over Regulating Big Tech | Canada News Media
Connect with us

Tech

Beeper’s iMessage Fight With Apple Has Blown Up Into a Debate Over Regulating Big Tech

Published

11 months ago

 on

When Beeper launched a version of its long-in-the-works “iMessage for Android” app a couple of weeks ago, flaunting its ability to turn green Android texts into Apple’s proprietary blue bubble messages, the upstart knew that this would likely get Apple’s attention.

It just didn’t anticipate getting this much attention.

Since Beeper launched its Mini app in the Google Play Store on December 5, the app has suffered mysterious outages, was mentioned in a tweet by US senator Elizabeth Warren of Massachusetts, and is now the subject of a letter sent to the Department of Justice calling for a deeper investigation into what has happened to Beeper. It’s a dramatic turn for an app that was supposed to be a simple bridge between green-bubble and blue-bubble texts—and has firmly positioned the app as a David to Apple’s Goliath.

The ongoing Beeper saga has also sparked discourse about interoperability between messaging apps and whether Apple’s tight control over its software systems is justified or anticompetitive.

“There are real antitrust implications here, and most people aren’t really getting the full picture,” says Eric Migicovsky, Beeper cofounder and a well-known open source software advocate. “They think, ‘Apple made iMessage, therefore they get exclusive rights to control access to it.’ But when you make a phone that’s used by more than 50 percent of the population in the States, and you make your app the default, you’re held to a higher degree of rules and regulation.” (By some estimates, iPhone market share in the US is less than 50 percent; Apple also doesn’t prevent iPhone users from using any chat app they choose but does default to Messages for incoming texts that are tied to a cellular number.)

For over three years now, Beeper has been trying to launch a mobile app for Android users that would allow them to interact with iPhone’s proprietary messages in a way that didn’t “break” the rich features or security protections that come with iPhone-to-iPhone messages.

Apple’s Messages app—which is sometimes referred to as iMessage and sometimes Messages, depending on whether one is referring to the protocol or the actual app—is fully controlled by Apple and offers end-to-end encryption. It’s available only on Apple devices, like iPhones, iPads, and Macs; Apple’s leadership has expressed in the past that making the app’s rich messaging features available on Android would hurt Apple’s lock-in strategy. So, if you’re on a group chat with a combination of iPhone and Android users all using their phones’ default messaging apps, the chat will use SMS texts and not Apple Messages.

Beeper, a YCombinator-backed startup, initially came up with an expensive and inherently insecure method to make a beta version of its app work. This method sent every message through a relay server before arriving at the recipient’s messaging client. Then, late this summer, the company landed on a breakthrough technique, originally drafted as a proof of concept by a 16-year-old high school student in Pennsylvania. The young coder reverse-engineered the way notifications work on iPhone, found a loophole in the way credentials are registered with Apple’s servers during the notifications process, and applied that to messaging.

Beeper bifurcated its product: It kept its original relay system in place (called Beeper Cloud) and separately launched a version of its app (called Beeper Mini) that would use this new technological framework for turning Android messages into blue bubble Messages.

According to Beeper, its solution made Beeper Mini a more secure option than if an Android user were to use their phone’s default messaging app to text an iPhone user, because Beeper Mini maintained end-to-end encryption. Beeper users also didn’t have to share an Apple ID or Apple password with the Beeper Mini app in order to gain access to it. At launch earlier this month, the company charged $2 per month for Beeper Mini. It was downloaded by more than 100,000 people in its first 48 hours.

But in the days after launch, Beeper Mini suffered an app outage. At that time, Migicovsky told WIRED he believed that Apple may have cut off the technical ability for Beeper Mini to function, noting that the app outage didn’t seem to be caused by any sort of broader network issue.

Apple didn’t respond to WIRED’s requests for comment on the outage, but the company later issued a statement to The Verge acknowledging that it had taken action against Beeper. “We took steps to protect our users by blocking techniques that exploit fake credentials in order to gain access to iMessage,” an Apple spokeswoman told the outlet. “These techniques posed significant risks to user security and privacy, including the potential for metadata exposure and enabling unwanted messages, spam, and phishing attacks.”

While Beeper scrambled to get the app working again, US lawmakers took notice of what was happening. On December 10, Senator Warren tweeted on X, “Green bubble texts are less secure. So why would Apple block a new app allowing Android users to chat with iPhone users on iMessage? Big Tech executives are protecting profits by squashing competitors. Chatting between different platforms should be easy and secure.” The tweet was viewed more than 3 million times, according to X’s visible metrics system.

The blue-bubble–green-bubble wars were now officially reignited.

John Gruber, an Apple blogger famous in nerd circles, said that day in a post titled “Beeper? I Hardly Knew Her” that he wished Apple would release an iMessage client for Android. The idea usually plays well among the tech press and open source advocates who favor more interoperability between products. But, Gruber notes, it would be “untenable perception-wise for Apple to allow unauthorized client software on a messaging platform heralded first and foremost for its Apple-provided privacy and security.” The writer Mike Masnick called Apple’s actions “stupidly frustrating.”

Migicovsky, a systems engineer by trade who keeps up a steady stream of communication with the press, said in a text message on December 11, “It’s crazy that they’re attacking us for security.”

He fired off a list of not-hypothetical questions he has about iMessage, including: “Is Apple committed to supporting Google’s RCS encryption standard?” (Apple had said earlier that it would support RCS, which would solve some of the blue-bubble–green-bubble incompatibility.) “Is iMessage security and privacy for Chinese customers the same as Americans?” Migicovsky asked pointedly.

In a blog post, Beeper wrote that if Apple doubted the security and privacy of the app, Beeper was willing to share the Beeper Mini codebase with a mutually agreed upon third-party security research firm.

On December 11, the Beeper account on X tweeted a meme: “The reports of my death are greatly exaggerated.” Later that day the company said the Beeper Mini app for Android was back up and running.

It would continue, however, to experience intermittent problems. Users complained about two-factor authentication not working. Two days later, Beeper acknowledged that some users were unable to receive iMessages on Beeper Mini and Beeper Cloud—the whole point of using the app. This affected around 5 percent of users. Beeper told them to uninstall and reinstall the app.

Beeper eventually had to walk back from its original authentication—and monetization—scheme. The company had touted the fact that Beeper Mini users didn’t have to register with an Apple ID email or password in order to use the app. But now the company opted to deregister cellular phone numbers and rely on that email ID instead for message sending.

It also made the Beeper Mini app free, since Migicovsky and the team didn’t feel “comfortable subjecting paying users” to the chaos the app was ensnared in. This may also have been a reaction to Gruber’s point that “it was irresponsible to charge a subscription fee for a service they can’t guarantee access to.” But some in the tech industry have called Beeper’s iMessage workaround a “hack” of Apple’s proprietary technology and suggested that the company shouldn’t be able to monetize this.

On Sunday, December 17, US senators Amy Klobuchar, Mike Lee, Jerrold Nadler, and Ken Buck sent a letter to the assistant attorney general of the US Department of Justice calling for a deeper investigation. The senators said they were concerned that Apple’s recent actions to disable Beeper Mini “harm competition, eliminate choices for consumers, and will discourage future innovation and investment in interoperable messaging services.” The news was first reported by CBS News.

Migicovsky says that around 60 percent of all Beeper Mini and Beeper Cloud users are currently experiencing outages. Migicovsky indicated in an interview that Beeper is working on a fix but that Beeper engineers still aren’t 100 percent certain of what’s causing the latest outage. By Wednesday of this week, the company plans to publish another technical workaround.

Apple did not respond to multiple requests for comment.

Source link

Related Topics:
Continue Reading

Tech

Ottawa orders TikTok’s Canadian arm to be dissolved

Published

6 days ago

 on

November 6, 2024

By

 

The federal government is ordering the dissolution of TikTok’s Canadian business after a national security review of the Chinese company behind the social media platform, but stopped short of ordering people to stay off the app.

Industry Minister François-Philippe Champagne announced the government’s “wind up” demand Wednesday, saying it is meant to address “risks” related to ByteDance Ltd.’s establishment of TikTok Technology Canada Inc.

“The decision was based on the information and evidence collected over the course of the review and on the advice of Canada’s security and intelligence community and other government partners,” he said in a statement.

The announcement added that the government is not blocking Canadians’ access to the TikTok application or their ability to create content.

However, it urged people to “adopt good cybersecurity practices and assess the possible risks of using social media platforms and applications, including how their information is likely to be protected, managed, used and shared by foreign actors, as well as to be aware of which country’s laws apply.”

Champagne’s office did not immediately respond to a request for comment seeking details about what evidence led to the government’s dissolution demand, how long ByteDance has to comply and why the app is not being banned.

A TikTok spokesperson said in a statement that the shutdown of its Canadian offices will mean the loss of hundreds of well-paying local jobs.

“We will challenge this order in court,” the spokesperson said.

“The TikTok platform will remain available for creators to find an audience, explore new interests and for businesses to thrive.”

The federal Liberals ordered a national security review of TikTok in September 2023, but it was not public knowledge until The Canadian Press reported in March that it was investigating the company.

At the time, it said the review was based on the expansion of a business, which it said constituted the establishment of a new Canadian entity. It declined to provide any further details about what expansion it was reviewing.

A government database showed a notification of new business from TikTok in June 2023. It said Network Sense Ventures Ltd. in Toronto and Vancouver would engage in “marketing, advertising, and content/creator development activities in relation to the use of the TikTok app in Canada.”

Even before the review, ByteDance and TikTok were lightning rod for privacy and safety concerns because Chinese national security laws compel organizations in the country to assist with intelligence gathering.

Such concerns led the U.S. House of Representatives to pass a bill in March designed to ban TikTok unless its China-based owner sells its stake in the business.

Champagne’s office has maintained Canada’s review was not related to the U.S. bill, which has yet to pass.

Canada’s review was carried out through the Investment Canada Act, which allows the government to investigate any foreign investment with potential to might harm national security.

While cabinet can make investors sell parts of the business or shares, Champagne has said the act doesn’t allow him to disclose details of the review.

Wednesday’s dissolution order was made in accordance with the act.

The federal government banned TikTok from its mobile devices in February 2023 following the launch of an investigation into the company by federal and provincial privacy commissioners.

— With files from Anja Karadeglija in Ottawa

This report by The Canadian Press was first published Nov. 6, 2024.

The Canadian Press. All rights reserved.

Source link

Continue Reading

Health

Here is how to prepare your online accounts for when you die

Published

3 weeks ago

 on

October 24, 2024

By

 

LONDON (AP) — Most people have accumulated a pile of data — selfies, emails, videos and more — on their social media and digital accounts over their lifetimes. What happens to it when we die?

It’s wise to draft a will spelling out who inherits your physical assets after you’re gone, but don’t forget to take care of your digital estate too. Friends and family might treasure files and posts you’ve left behind, but they could get lost in digital purgatory after you pass away unless you take some simple steps.

Here’s how you can prepare your digital life for your survivors:

Apple

The iPhone maker lets you nominate a “ legacy contact ” who can access your Apple account’s data after you die. The company says it’s a secure way to give trusted people access to photos, files and messages. To set it up you’ll need an Apple device with a fairly recent operating system — iPhones and iPads need iOS or iPadOS 15.2 and MacBooks needs macOS Monterey 12.1.

For iPhones, go to settings, tap Sign-in & Security and then Legacy Contact. You can name one or more people, and they don’t need an Apple ID or device.

You’ll have to share an access key with your contact. It can be a digital version sent electronically, or you can print a copy or save it as a screenshot or PDF.

Take note that there are some types of files you won’t be able to pass on — including digital rights-protected music, movies and passwords stored in Apple’s password manager. Legacy contacts can only access a deceased user’s account for three years before Apple deletes the account.

Google

Google takes a different approach with its Inactive Account Manager, which allows you to share your data with someone if it notices that you’ve stopped using your account.

When setting it up, you need to decide how long Google should wait — from three to 18 months — before considering your account inactive. Once that time is up, Google can notify up to 10 people.

You can write a message informing them you’ve stopped using the account, and, optionally, include a link to download your data. You can choose what types of data they can access — including emails, photos, calendar entries and YouTube videos.

There’s also an option to automatically delete your account after three months of inactivity, so your contacts will have to download any data before that deadline.

Facebook and Instagram

Some social media platforms can preserve accounts for people who have died so that friends and family can honor their memories.

When users of Facebook or Instagram die, parent company Meta says it can memorialize the account if it gets a “valid request” from a friend or family member. Requests can be submitted through an online form.

The social media company strongly recommends Facebook users add a legacy contact to look after their memorial accounts. Legacy contacts can do things like respond to new friend requests and update pinned posts, but they can’t read private messages or remove or alter previous posts. You can only choose one person, who also has to have a Facebook account.

You can also ask Facebook or Instagram to delete a deceased user’s account if you’re a close family member or an executor. You’ll need to send in documents like a death certificate.

TikTok

The video-sharing platform says that if a user has died, people can submit a request to memorialize the account through the settings menu. Go to the Report a Problem section, then Account and profile, then Manage account, where you can report a deceased user.

Once an account has been memorialized, it will be labeled “Remembering.” No one will be able to log into the account, which prevents anyone from editing the profile or using the account to post new content or send messages.

X

It’s not possible to nominate a legacy contact on Elon Musk’s social media site. But family members or an authorized person can submit a request to deactivate a deceased user’s account.

Passwords

Besides the major online services, you’ll probably have dozens if not hundreds of other digital accounts that your survivors might need to access. You could just write all your login credentials down in a notebook and put it somewhere safe. But making a physical copy presents its own vulnerabilities. What if you lose track of it? What if someone finds it?

Instead, consider a password manager that has an emergency access feature. Password managers are digital vaults that you can use to store all your credentials. Some, like Keeper,Bitwarden and NordPass, allow users to nominate one or more trusted contacts who can access their keys in case of an emergency such as a death.

But there are a few catches: Those contacts also need to use the same password manager and you might have to pay for the service.

___

Is there a tech challenge you need help figuring out? Write to us at onetechtip@ap.org with your questions.

Source link

Continue Reading

Tech

Google’s partnership with AI startup Anthropic faces a UK competition investigation

Published

3 weeks ago

 on

October 24, 2024

By

 

LONDON (AP) — Britain’s competition watchdog said Thursday it’s opening a formal investigation into Google’s partnership with artificial intelligence startup Anthropic.

The Competition and Markets Authority said it has “sufficient information” to launch an initial probe after it sought input earlier this year on whether the deal would stifle competition.

The CMA has until Dec. 19 to decide whether to approve the deal or escalate its investigation.

“Google is committed to building the most open and innovative AI ecosystem in the world,” the company said. “Anthropic is free to use multiple cloud providers and does, and we don’t demand exclusive tech rights.”

San Francisco-based Anthropic was founded in 2021 by siblings Dario and Daniela Amodei, who previously worked at ChatGPT maker OpenAI. The company has focused on increasing the safety and reliability of AI models. Google reportedly agreed last year to make a multibillion-dollar investment in Anthropic, which has a popular chatbot named Claude.

Anthropic said it’s cooperating with the regulator and will provide “the complete picture about Google’s investment and our commercial collaboration.”

“We are an independent company and none of our strategic partnerships or investor relationships diminish the independence of our corporate governance or our freedom to partner with others,” it said in a statement.

The U.K. regulator has been scrutinizing a raft of AI deals as investment money floods into the industry to capitalize on the artificial intelligence boom. Last month it cleared Anthropic’s $4 billion deal with Amazon and it has also signed off on Microsoft’s deals with two other AI startups, Inflection and Mistral.

The Canadian Press. All rights reserved.

Source link

Continue Reading

Trending

Exit mobile version