• Fake4000@lemmy.world
    link
    fedilink
    English
    arrow-up
    26
    arrow-down
    5
    ·
    1 year ago

    I absolutely am not an iPhone or iMessage fan, but criticizing a company for blocking someone who reverse engineered they platform to gain access isn’t right in my opinion.

    If a 3rd party app is allowed to utilise Apple’s iMessage protocol/network, then every other messaging provider (WhatsApp, Telegram, etc) will be required to open up their platforms.

    I cant wait to see the day where WhatsApp allows 3rd party apps to use their messaging network.

    • atrielienz@lemmy.world
      link
      fedilink
      English
      arrow-up
      3
      arrow-down
      9
      ·
      1 year ago

      Apple has reverse engineered a lot of stuff to make it work on apple products. A fair number of Microsoft products specifically. I don’t know why they should be exempt from having similar happen to them.

        • atrielienz@lemmy.world
          link
          fedilink
          English
          arrow-up
          2
          arrow-down
          4
          ·
          1 year ago

          DMCA specifically protects the right to reverse engineer something for interoperability. There is no reason other than being cordial to request “permission”.

          • mriguy@lemmy.world
            link
            fedilink
            arrow-up
            3
            arrow-down
            1
            ·
            edit-2
            1 year ago

            And that’s fine. Beeper and the 16yo hacker haven’t broken any laws, haven’t done anything wrong, and won’t go to jail. But that doesn’t mean Apple can’t close the hole they exploited. It is their messaging network, and they can make any changes to it that they want.

            • atrielienz@lemmy.world
              link
              fedilink
              English
              arrow-up
              1
              ·
              1 year ago

              I never made that claim. I never said it wasn’t Apple’s prerogative to close any loopholes or backdoors. I didn’t claim any ethics on the part of Beeper or the original exploiter. I am asking for a provable viable instance where the law was broken and what law and how. The person who blocked me made a lot of claims that they failed to back up with factual information with sources and repeated themselves several times with claims of unlawful conduct. They didn’t explain which laws had been broken or how. I would like that information still.

              I called myself a layman specifically because in the case of Apple products that’s what I am. I’m not criticizing apple for closing a potentially exploitable security flaw. I am saying that this tech company (like every other) is absolutely borrowing within the constraints of the law and outside it from other tech companies and that because that is the case there is some hypocrisy in the stance that somehow other companies are expected not to.

          • jard@sopuli.xyz
            link
            fedilink
            arrow-up
            1
            ·
            edit-2
            1 year ago

            Abjectly false according to established case law. There are exemptions to the protections for reverse engineering with both DMCA and EU directives; please go learn how the system works before you endanger others with these statements.

            In the US

            17 U.S. Code § 1201, article f (Reverse engineering) permits the use of reverse engineering to circumvent technological measures:

            • (1) … for the sole purpose of identifying and analyzing those elements of the program that are necessary to achieve interoperability of an independently created computer program with other programs … to the extent any such acts of identification and analysis do not constitute infringement under this title.
            • (2) a person may develop and employ technological means to circumvent a technological measure … for the purpose of enabling interoperability of an independently created computer program with other programs, if such means are necessary to achieve such interoperability, to the extent that doing so does not constitute infringement under this title.
            • (3) in acts described by (1), and means described by (2), reverse engineering is done solely for the purpose of enabling interoperability of an independently created computer program with other programs, and to the extent that doing so does not constitute infringement under this title or violate applicable law other than this section.

            In all 3 cases, Beeper developed and marketed an app specifically as “iMessage for Android”, and charged money for it. This goes far beyond “establishing interoperability,” as they were using this reverse engineered information to bolster their brand and profit off of it. I highlighted each salient point of the clauses specifically because these actions infringe on Apple’s copyright.

            You misunderstand what the purpose of the DMCA is: it’s supposed to protect corporations like Apple, not the hacker underdogs that you’re rooting for. In its literal first article it forbids all general forms of technological circumvention unless they can be shown to fall into a very specific category of “non-infringing” exceptions. If you actually read it, the DMCA limits reverse engineering, not protects it.

            Additionally, Beeper’s actions already violate Apple’s EULA, which is a legally binding contract, so what they’ve done (and actually, anyone who used Beeper Mini) is illegal under contract law as well.

            In the EU

            Directive 2009/24/EC of the European Parliament, article 6 (Decompilation) states that the protections of information obtained through reverse engineering or decompilation of a computer program do not apply if that information is:

            • (a) to be used for goals other than to achieve the interoperability of the independently created computer program;
            • (b) to be given to others, except when necessary for the interoperability of the independently created computer program;
            • (c) to be used for the development, production or marketing of a computer program substantially similar in its expression, or for any other act which infringes copyright.

            Beeper charged money for a subscription in order to achieve interoperability. This is a goal of profitmaking, not achieving interoperability. (a) disqualifies them for protection.

            Beeper, additionally, delivered access to their reverse engineered exploit to others in an unnecessary manner by charging money. (b) disqualifies them for protection.

            Beeper developed a computer program that is substantially similar to (Apple) Messages’ expression (it literally was a messaging app that was advertised as “iMessage for Android.”). This infringes on Apple’s copyright. (c) disqualifies them for protection.

            Beeper quite literally fails in all 3 cases that would protect them from litigation in the EU.

            The fact of the matter is simple: You are defending criminal behavior that is illegal in both the US and EU.

            There is no reason other than being cordial to request “permission”.

            This is also blatantly false. Reverse engineering intrinsically entails violating the copyrights or intellectual property of another party, thus entitling them to damages if pursued. DMCA provides a means for the “infringing party” to be protected from litigation in certain circumstances, but even better than the DMCA is the means of obtaining direct permission, which establishes a legally binding contract between the copyright holder and the infringing party. This is what white hat hackers and pentesters need to do all the time, because their actions would otherwise be completely illegal under any jurisdiction.

            • atrielienz@lemmy.world
              link
              fedilink
              English
              arrow-up
              1
              ·
              edit-2
              1 year ago

              Has Beeper actually charged money for it? My understanding is that this rollout was planned to be paid eventually but nobody has paid anything as of yet for the functionality.

              By your own admission though, beeper is using an exploit that they did not reverse engineer. They paid for someone else’s process which probably was covered under DMCA at the time. I will wait to see if Apple decides on litigation because so far I haven’t even heard a word about them suing beeper and I absolutely think they would if beeper has done something illegal.

              You quote directly from the same source I was using (Cornell law) and your quote directly suggests that reverse engineering for the purposes of interoperability (in this case with iMessage and it’s use on iPhones and the interoperability with android phones) appear to both be covered. If they aren’t covered you haven’t explained why your suggestion that they are doing so to profit makes sense except they haven’t charged anyone that I can find for the service. Even their FAQ has been updated to say they will continue offering the service free of charge and will warn users when it moves to a paid service. I don’t dispute that they do plan to have a paid service but at this juncture they haven’t actually implemented that.

              I don’t “misunderstand the purpose of DMCA”. I actually couldn’t care less about apple or beeper. I don’t use either brand or service and this is a solution to a problem I don’t have. I find the tech discussion around the interoperability of iMessage and RCS (assuming that actually happens) interesting, but again it doesn’t directly benefit me in any way. Pretty much my whole family use android phones. I don’t have any friends who appear to care about the blue bubble green bubble nonsense, though I am tangentially aware of it, mostly through tech articles.

              Are beeper required to agree to Apple’s EULA? If so, why? Please explain that.

              You assert that I am “defending”. I haven’t actually defended anything. I simply pointed out that wording in the DMCA would suggest that Beeper was exempt from certain restrictions. That’s not the same thing.

              Did I hurt your feelings or something? Are you taking out your frustrations with other people on me? Because it does seem like it.

              • jard@sopuli.xyz
                link
                fedilink
                arrow-up
                1
                ·
                edit-2
                1 year ago

                Has Beeper actually charged money for it?

                https://help.beeper.com/en_US/beeper-mini/beeper-mini-getting-started-guide-site

                Beeper Mini subscription (7-day free trial or an additional month of use if referred by an iPhone user):

                *Beeper Mini Subscription Update: Though Beeper Mini is a subscription-based app, it will be available free of charge temporarily. (Note: This was an update to Apple patching the iMessage security exploit on Friday) *

                What you get:

                • Send iMessages using your Android device.
                • Join iMessage-only group chats seamlessly.
                • Full-resolution images and videos, plus replies and reactions.
                • Secured with end-to-end encryption.
                • Cancel anytime.

                They also got two hundred thousand monthly subscriptions in the few days that it was available. Simply inexcusable.

                You quote directly from the same source I was using (Cornell law) and your quote directly suggests that reverse engineering for the purposes of interoperability (in this case with iMessage and it’s use on iPhones and the interoperability with android phones) appear to both be covered.

                Please refer to the following excerpt, because you didn’t bother reading anything I wrote:

                “In all 3 cases, Beeper developed and marketed an app specifically as “iMessage for Android”, and charged money for it. This goes far beyond “establishing interoperability,” as they were using this reverse engineered information to bolster their brand and profit off of it. I highlighted each salient point of the clauses specifically because these actions infringe on Apple’s copyright.”

                I actually couldn’t care less about apple or beeper.

                Then why are you even here? This is a community for Apple enthusiasts, to discuss Apple things.

                Are beeper required to agree to Apple’s EULA? If so, why? Please explain that.

                It’s directly stated in the acronym of EULA - End User License Agreement. If you use any Apple service, you become an end user and thus automatically agree to the terms by definition. To opt out or “disagree” with Apple’s EULA, don’t use Apple services or products like iMessage.

                The app had to be developed through the usage/exploitation of the iMessage API and Apple’s servers. This makes Mr. JJTech0130 and Beeper’s developers ‘end users’. Android users who enrolled their phone numbers in iMessage (which was necessary to use Beeper Mini) makes them ‘end users’.

                Are you taking out your frustrations with other people on me? Because it does seem like it.

                Yes, I’m annoyed that Android users continue to come in here again and again, completely misinformed about the situation, and write complete nonsense. Especially if it’s nonsense that’ll get you laughed out of a courtroom, and a lifetime of contractual payments to Apple.

                • atrielienz@lemmy.world
                  link
                  fedilink
                  English
                  arrow-up
                  1
                  arrow-down
                  1
                  ·
                  edit-2
                  1 year ago

                  I read everything you wrote. I’m trying to understand and you come off as hostile and appear to be forgetting that not everyone has all the details you seem to be keeping in your head. Calm down and explain it for a layman, please.

                  Edit: Also, is Apple so exclusive that I can’t just have an interest in knowing about the tech? Because literally that’s why I am here.

                  • jard@sopuli.xyz
                    link
                    fedilink
                    arrow-up
                    1
                    ·
                    edit-2
                    1 year ago

                    Sure. Let’s say I create an Android app called “Gesture,” whose goal is interoperability between all messaging platforms. I was able to establish interoperability between WhatsApp, Signal, Google Messages, Slack, Instagram, Facebook Messenger, you name it… Now I’m looking at iMessage, and I manage to find a way to reverse engineer a way of sending iMessages! Great!

                    Now, my intentions are to not profit off this endeavor, but to enable interoperability between Apple and Android. To this end, I fully release the code for this app, free for anyone to analyze and use themselves. The branding and marketing for this app is non-existent, as I do not want to make myself appear as a competitor to iMessage for legal reasons. I choose not to publish this app on the Play Store which has native venues for payments and subscriptions, but instead elect for free, open source alternatives like F-Droid.

                    Have I taken the steps necessary to establish that the sole motivation for this application is for interoperability? Yes:

                    • I have not created any means in which I can profit from this app; it is free to obtain and use
                    • users do not need to spend money through Google or another payment processor to use my app
                    • there is no way people can pay me for my effort; “Gesture” is just another piece of hobbyist software out there
                    • no branding for this application exists, knowledge of the app’s existence is done purely through word of mouth in tech-oriented communities

                    Note that doesn’t make my actions any less illegal, as they still violate Apple’s EULA. I’m still subject to what Apple would do to me to rectify this (which is almost always going to be arbitration, where Apple lawyers meet up with me and tell me to stop everything, take it all down, and also probably make me pay a bunch of money too.)

                    Now let’s say that a company called “Clicker,” who also specializes in interoperability between platforms, buys my reverse engineered app, and creates their own app called “Clicker Mini.” This app specifically packages my iMessage code into their own branded app using their “Clicker” brand. Furthermore, to use their app, a $2/month subscription agreement is required, and it is advertised that this subscription grants the ability to “send iMessages using your Android device.” The app was marketed from the very beginning to be an “new iMessage messenger for Android,” as reflected by many news sources.

                    Have they taken the steps necessary to establish that their sole motivation for Clicker Mini was to establish interoperability with Apple Messages? No.

                    • They tied these features under a brand name (“Clicker”)
                    • It is very clear from their intent that they want their “Clicker” brand to be associated with Android + iMessage
                    • they bundled this feature under a subscription agreement between its own end users where they agree to pay a certain amount of money each month.

                    All of these actions become profitable for Clicker as a company, as the advertisement of “Android + iMessage” capability draws interested customers who enroll in the subscription agreement, as well as any other services Clicker offers… let’s say Clicker Cloud is one of them, for example.

                    Additionally, since my iMessage app violated Apple’s EULA, Clicker’s implementation also violates Apple’s EULA. The only difference here is that Clicker is a full fledged company, meaning that Apple is far more inclined to just sue the hell out of them.

                    Beeper is essentially bolstering and forging their own brand name by using Apple’s intellectual property. No matter what way you look at it or which laws you cite, that is copyright infringement to the first degree.

    • Eldritch@lemmy.world
      link
      fedilink
      English
      arrow-up
      9
      arrow-down
      15
      ·
      1 year ago

      It’s very right. All messaging platforms should be open or interoperable.

      Imagine if from Hotmail you could only email others on Hotmail. Or the same with Gmail. Or not being able to SMS anyone on at&t from any other telco. There’s no good reason to limit it like that.

      Also consider that they were charging for the service. The only part of the deal I wasn’t keen on. 1 because again, messaging should be open and interoperable. 2 they were basically charging a recurring fee for access to Apple’s service, not specifically theirs in this instance. Which seems bad on Beeper, until you realize that Apple is basically refusing to make money from their service. And they’re not doing it out of principle, ideology, or good will. They’re doing it because they don’t want to compete. Not with regards to iMessage, or anything else.