• atrielienz@lemmy.world
    link
    fedilink
    English
    arrow-up
    3
    arrow-down
    9
    ·
    1 year ago

    Apple has reverse engineered a lot of stuff to make it work on apple products. A fair number of Microsoft products specifically. I don’t know why they should be exempt from having similar happen to them.

      • atrielienz@lemmy.world
        link
        fedilink
        English
        arrow-up
        2
        arrow-down
        4
        ·
        1 year ago

        DMCA specifically protects the right to reverse engineer something for interoperability. There is no reason other than being cordial to request “permission”.

        • mriguy@lemmy.world
          link
          fedilink
          arrow-up
          3
          arrow-down
          1
          ·
          edit-2
          1 year ago

          And that’s fine. Beeper and the 16yo hacker haven’t broken any laws, haven’t done anything wrong, and won’t go to jail. But that doesn’t mean Apple can’t close the hole they exploited. It is their messaging network, and they can make any changes to it that they want.

          • atrielienz@lemmy.world
            link
            fedilink
            English
            arrow-up
            1
            ·
            1 year ago

            I never made that claim. I never said it wasn’t Apple’s prerogative to close any loopholes or backdoors. I didn’t claim any ethics on the part of Beeper or the original exploiter. I am asking for a provable viable instance where the law was broken and what law and how. The person who blocked me made a lot of claims that they failed to back up with factual information with sources and repeated themselves several times with claims of unlawful conduct. They didn’t explain which laws had been broken or how. I would like that information still.

            I called myself a layman specifically because in the case of Apple products that’s what I am. I’m not criticizing apple for closing a potentially exploitable security flaw. I am saying that this tech company (like every other) is absolutely borrowing within the constraints of the law and outside it from other tech companies and that because that is the case there is some hypocrisy in the stance that somehow other companies are expected not to.

        • jard@sopuli.xyz
          link
          fedilink
          arrow-up
          1
          ·
          edit-2
          1 year ago

          Abjectly false according to established case law. There are exemptions to the protections for reverse engineering with both DMCA and EU directives; please go learn how the system works before you endanger others with these statements.

          In the US

          17 U.S. Code § 1201, article f (Reverse engineering) permits the use of reverse engineering to circumvent technological measures:

          • (1) … for the sole purpose of identifying and analyzing those elements of the program that are necessary to achieve interoperability of an independently created computer program with other programs … to the extent any such acts of identification and analysis do not constitute infringement under this title.
          • (2) a person may develop and employ technological means to circumvent a technological measure … for the purpose of enabling interoperability of an independently created computer program with other programs, if such means are necessary to achieve such interoperability, to the extent that doing so does not constitute infringement under this title.
          • (3) in acts described by (1), and means described by (2), reverse engineering is done solely for the purpose of enabling interoperability of an independently created computer program with other programs, and to the extent that doing so does not constitute infringement under this title or violate applicable law other than this section.

          In all 3 cases, Beeper developed and marketed an app specifically as “iMessage for Android”, and charged money for it. This goes far beyond “establishing interoperability,” as they were using this reverse engineered information to bolster their brand and profit off of it. I highlighted each salient point of the clauses specifically because these actions infringe on Apple’s copyright.

          You misunderstand what the purpose of the DMCA is: it’s supposed to protect corporations like Apple, not the hacker underdogs that you’re rooting for. In its literal first article it forbids all general forms of technological circumvention unless they can be shown to fall into a very specific category of “non-infringing” exceptions. If you actually read it, the DMCA limits reverse engineering, not protects it.

          Additionally, Beeper’s actions already violate Apple’s EULA, which is a legally binding contract, so what they’ve done (and actually, anyone who used Beeper Mini) is illegal under contract law as well.

          In the EU

          Directive 2009/24/EC of the European Parliament, article 6 (Decompilation) states that the protections of information obtained through reverse engineering or decompilation of a computer program do not apply if that information is:

          • (a) to be used for goals other than to achieve the interoperability of the independently created computer program;
          • (b) to be given to others, except when necessary for the interoperability of the independently created computer program;
          • (c) to be used for the development, production or marketing of a computer program substantially similar in its expression, or for any other act which infringes copyright.

          Beeper charged money for a subscription in order to achieve interoperability. This is a goal of profitmaking, not achieving interoperability. (a) disqualifies them for protection.

          Beeper, additionally, delivered access to their reverse engineered exploit to others in an unnecessary manner by charging money. (b) disqualifies them for protection.

          Beeper developed a computer program that is substantially similar to (Apple) Messages’ expression (it literally was a messaging app that was advertised as “iMessage for Android.”). This infringes on Apple’s copyright. (c) disqualifies them for protection.

          Beeper quite literally fails in all 3 cases that would protect them from litigation in the EU.

          The fact of the matter is simple: You are defending criminal behavior that is illegal in both the US and EU.

          There is no reason other than being cordial to request “permission”.

          This is also blatantly false. Reverse engineering intrinsically entails violating the copyrights or intellectual property of another party, thus entitling them to damages if pursued. DMCA provides a means for the “infringing party” to be protected from litigation in certain circumstances, but even better than the DMCA is the means of obtaining direct permission, which establishes a legally binding contract between the copyright holder and the infringing party. This is what white hat hackers and pentesters need to do all the time, because their actions would otherwise be completely illegal under any jurisdiction.

          • atrielienz@lemmy.world
            link
            fedilink
            English
            arrow-up
            1
            ·
            edit-2
            1 year ago

            Has Beeper actually charged money for it? My understanding is that this rollout was planned to be paid eventually but nobody has paid anything as of yet for the functionality.

            By your own admission though, beeper is using an exploit that they did not reverse engineer. They paid for someone else’s process which probably was covered under DMCA at the time. I will wait to see if Apple decides on litigation because so far I haven’t even heard a word about them suing beeper and I absolutely think they would if beeper has done something illegal.

            You quote directly from the same source I was using (Cornell law) and your quote directly suggests that reverse engineering for the purposes of interoperability (in this case with iMessage and it’s use on iPhones and the interoperability with android phones) appear to both be covered. If they aren’t covered you haven’t explained why your suggestion that they are doing so to profit makes sense except they haven’t charged anyone that I can find for the service. Even their FAQ has been updated to say they will continue offering the service free of charge and will warn users when it moves to a paid service. I don’t dispute that they do plan to have a paid service but at this juncture they haven’t actually implemented that.

            I don’t “misunderstand the purpose of DMCA”. I actually couldn’t care less about apple or beeper. I don’t use either brand or service and this is a solution to a problem I don’t have. I find the tech discussion around the interoperability of iMessage and RCS (assuming that actually happens) interesting, but again it doesn’t directly benefit me in any way. Pretty much my whole family use android phones. I don’t have any friends who appear to care about the blue bubble green bubble nonsense, though I am tangentially aware of it, mostly through tech articles.

            Are beeper required to agree to Apple’s EULA? If so, why? Please explain that.

            You assert that I am “defending”. I haven’t actually defended anything. I simply pointed out that wording in the DMCA would suggest that Beeper was exempt from certain restrictions. That’s not the same thing.

            Did I hurt your feelings or something? Are you taking out your frustrations with other people on me? Because it does seem like it.

            • jard@sopuli.xyz
              link
              fedilink
              arrow-up
              1
              ·
              edit-2
              1 year ago

              Has Beeper actually charged money for it?

              https://help.beeper.com/en_US/beeper-mini/beeper-mini-getting-started-guide-site

              Beeper Mini subscription (7-day free trial or an additional month of use if referred by an iPhone user):

              *Beeper Mini Subscription Update: Though Beeper Mini is a subscription-based app, it will be available free of charge temporarily. (Note: This was an update to Apple patching the iMessage security exploit on Friday) *

              What you get:

              • Send iMessages using your Android device.
              • Join iMessage-only group chats seamlessly.
              • Full-resolution images and videos, plus replies and reactions.
              • Secured with end-to-end encryption.
              • Cancel anytime.

              They also got two hundred thousand monthly subscriptions in the few days that it was available. Simply inexcusable.

              You quote directly from the same source I was using (Cornell law) and your quote directly suggests that reverse engineering for the purposes of interoperability (in this case with iMessage and it’s use on iPhones and the interoperability with android phones) appear to both be covered.

              Please refer to the following excerpt, because you didn’t bother reading anything I wrote:

              “In all 3 cases, Beeper developed and marketed an app specifically as “iMessage for Android”, and charged money for it. This goes far beyond “establishing interoperability,” as they were using this reverse engineered information to bolster their brand and profit off of it. I highlighted each salient point of the clauses specifically because these actions infringe on Apple’s copyright.”

              I actually couldn’t care less about apple or beeper.

              Then why are you even here? This is a community for Apple enthusiasts, to discuss Apple things.

              Are beeper required to agree to Apple’s EULA? If so, why? Please explain that.

              It’s directly stated in the acronym of EULA - End User License Agreement. If you use any Apple service, you become an end user and thus automatically agree to the terms by definition. To opt out or “disagree” with Apple’s EULA, don’t use Apple services or products like iMessage.

              The app had to be developed through the usage/exploitation of the iMessage API and Apple’s servers. This makes Mr. JJTech0130 and Beeper’s developers ‘end users’. Android users who enrolled their phone numbers in iMessage (which was necessary to use Beeper Mini) makes them ‘end users’.

              Are you taking out your frustrations with other people on me? Because it does seem like it.

              Yes, I’m annoyed that Android users continue to come in here again and again, completely misinformed about the situation, and write complete nonsense. Especially if it’s nonsense that’ll get you laughed out of a courtroom, and a lifetime of contractual payments to Apple.

              • atrielienz@lemmy.world
                link
                fedilink
                English
                arrow-up
                1
                arrow-down
                1
                ·
                edit-2
                1 year ago

                I read everything you wrote. I’m trying to understand and you come off as hostile and appear to be forgetting that not everyone has all the details you seem to be keeping in your head. Calm down and explain it for a layman, please.

                Edit: Also, is Apple so exclusive that I can’t just have an interest in knowing about the tech? Because literally that’s why I am here.

                • jard@sopuli.xyz
                  link
                  fedilink
                  arrow-up
                  1
                  ·
                  edit-2
                  1 year ago

                  Sure. Let’s say I create an Android app called “Gesture,” whose goal is interoperability between all messaging platforms. I was able to establish interoperability between WhatsApp, Signal, Google Messages, Slack, Instagram, Facebook Messenger, you name it… Now I’m looking at iMessage, and I manage to find a way to reverse engineer a way of sending iMessages! Great!

                  Now, my intentions are to not profit off this endeavor, but to enable interoperability between Apple and Android. To this end, I fully release the code for this app, free for anyone to analyze and use themselves. The branding and marketing for this app is non-existent, as I do not want to make myself appear as a competitor to iMessage for legal reasons. I choose not to publish this app on the Play Store which has native venues for payments and subscriptions, but instead elect for free, open source alternatives like F-Droid.

                  Have I taken the steps necessary to establish that the sole motivation for this application is for interoperability? Yes:

                  • I have not created any means in which I can profit from this app; it is free to obtain and use
                  • users do not need to spend money through Google or another payment processor to use my app
                  • there is no way people can pay me for my effort; “Gesture” is just another piece of hobbyist software out there
                  • no branding for this application exists, knowledge of the app’s existence is done purely through word of mouth in tech-oriented communities

                  Note that doesn’t make my actions any less illegal, as they still violate Apple’s EULA. I’m still subject to what Apple would do to me to rectify this (which is almost always going to be arbitration, where Apple lawyers meet up with me and tell me to stop everything, take it all down, and also probably make me pay a bunch of money too.)

                  Now let’s say that a company called “Clicker,” who also specializes in interoperability between platforms, buys my reverse engineered app, and creates their own app called “Clicker Mini.” This app specifically packages my iMessage code into their own branded app using their “Clicker” brand. Furthermore, to use their app, a $2/month subscription agreement is required, and it is advertised that this subscription grants the ability to “send iMessages using your Android device.” The app was marketed from the very beginning to be an “new iMessage messenger for Android,” as reflected by many news sources.

                  Have they taken the steps necessary to establish that their sole motivation for Clicker Mini was to establish interoperability with Apple Messages? No.

                  • They tied these features under a brand name (“Clicker”)
                  • It is very clear from their intent that they want their “Clicker” brand to be associated with Android + iMessage
                  • they bundled this feature under a subscription agreement between its own end users where they agree to pay a certain amount of money each month.

                  All of these actions become profitable for Clicker as a company, as the advertisement of “Android + iMessage” capability draws interested customers who enroll in the subscription agreement, as well as any other services Clicker offers… let’s say Clicker Cloud is one of them, for example.

                  Additionally, since my iMessage app violated Apple’s EULA, Clicker’s implementation also violates Apple’s EULA. The only difference here is that Clicker is a full fledged company, meaning that Apple is far more inclined to just sue the hell out of them.

                  Beeper is essentially bolstering and forging their own brand name by using Apple’s intellectual property. No matter what way you look at it or which laws you cite, that is copyright infringement to the first degree.

                  • atrielienz@lemmy.world
                    link
                    fedilink
                    English
                    arrow-up
                    1
                    ·
                    1 year ago

                    But you’ve failed to draw the parallel here between Apple and their intellectual property being reverse engineered by a third party who’s motivations remain unknown, and Beeper who bought the reverse engineering code/process from that third party for the purpose of interoperability. Which I believe I said before but perhaps wasn’t clear about. Proving in court that the original engineer of this exploit did so for the purposes of interoperability, or if the intent was to make money will seemingly be between Apple, the courts, and that entity.

                    Apple device users are subject to the EULA. Beeper and their customers may or may not be depending on if they are Apple device users. There is some gray area here as far as the messaging because my understanding based on the articles I have read is that Beeper is calling their App “Beeper Mini”, and are simply marketing it as what it is. A way for Android users to interface with Apple iMessage users. They aren’t calling it iMessage for Android. They are calling it Beeper Mini. That being said, the tagline is “iMessage on Android” and yes it does bill itself as enabling Android users to send and receive imessages. The important thing to note here is they go on to say that it’s a stand alone app built to send and receive “blue bubble messages” on Android. They don’t claim it’s an apple product, just that it works with apple products (I’m reading directly from their website here).

                    The reflection in news sources isn’t the greatest point to be made specifically because news outlets have a history of creating taglines, nicknames and nomenclature for things that the original entity behind the story has no real say in. Serial killers are a good example. News networks are notorious for naming serial killers despite law enforcement avoiding giving them monikers like “golden state killer” etc.

                    I agree with you that Beeper is implementing a paid system and that this was always the intention. I believe I said that as well in my original statement. However I’m still trying to connect the dots as to how Apple has grounds against Beeper specifically. Surely they may potentially have grounds against the original exploiter. But against Beeper? Have they actually stolen Apple’s intellectual property?

                    I wouldn’t know a lot of things about Apple if I didn’t occasionally peruse communities like this one. There is only so much context you can get from Android users (even people who use both, or neither) about Apple products. I wouldn’t for instance understand why the original Beeper was such a big deal to some Apple users, until someone explained in a different thread that they like being able to answer messages from their work phone or work station (not an apple product), throughout their work day. I’ve worked in places where cell phones were absolutely not allowed, so I could see how this could be a big deal.