adespoton@lemmy.ca
on 15 Nov 2023 02:58
nextcollapse
I don’t recommend buying a nothing phone because of iMessage integration. It’s unlikely to last long, and they obviously haven’t explained how they’re pulling it off while not breaking E2E encryption and account privacy.
circuitfarmer@lemmy.sdf.org
on 15 Nov 2023 03:43
nextcollapse
They haven’t explained it because it’s a giant security issue. If it wasn’t, they would have included it in the announcement.
Just another company trying to ride the wave of free press.
Zaphod@discuss.tchncs.de
on 15 Nov 2023 07:52
collapse
According to some YouTubers that spoke to the CEO it runs through a Mac Mini on a server farm
relevants@feddit.de
on 15 Nov 2023 02:59
nextcollapse
How would they e2ee this without intercepting the messages? Also the irony of fighting against an exclusionary service by making your access tool also exclusionary …
pup_atlas@pawb.social
on 15 Nov 2023 04:47
collapse
In the article it mentions that the service is run by sunbird. Just by reading their FAQ it doesn’t actually sound like they are MITM’ing messages via some mac server somewhere. It actually sounds more plausible to me that they are doing all the magic “on device”. They specifically mention that this won’t work on multiple phones at the same time, that’s what’s tipping me off.
What I suspect is happening is that the phone itself is spoofing an actual iPhone, and connecting to Apple servers as if it is one. Normally you wouldn’t be able to do this, Apple sells the phones, so they know all the serial numbers that should be able to access iMessage, and would be able to block anything that doesn’t report to be a real iPhone. What I think may be happening is that sunbird could be buying up pallets of dead, old, or otherwise unusable iPhones for pennies on the dollar, and using those serial numbers to pretend they were an iPhone from another device (like the nothing phone) directly.
This would make sense with their business model, according to their FAQ they have “no reason to charge money” for their product yet. Buying access to iMessage for a few bucks upfront with no ongoing cost would match up with what they are claiming, and it would be extremely hard for Apple to detect on their end, as they would appear to be all sorts of models, bought at different times, in different places, and signed in by real people.
I want to reiterate that this is pure speculation on my part, it’s just a theory. Which this would mean that (in theory) chats could (and would) be E2E encrypted from sender to receiver, ultimately it’s still Nothing/Sunbird’s app, so they could be doing anything with it on device.
spckls@lemmy.world
on 15 Nov 2023 06:59
nextcollapse
According to JerryRigEverything, they actually run you through a mac mini on their server farm. He said he has info about that confirmed by the devs. Not sure what’s true, but i usually trust him, seems like a good guy.
Zaphod@discuss.tchncs.de
on 15 Nov 2023 07:48
nextcollapse
MKBHD said the same, apparently confirmed by their CEO
It also says that in the linked article itself lmao
relevants@feddit.de
on 15 Nov 2023 12:33
nextcollapse
You wrote a whole essay speculating when it literally says in the article:
Nothing Chats then leverages Sunbird’s undisclosed number of Mac mini computers across Europe and North America as a waypoint for sending and receiving iMessage-compatible texts and media.
pup_atlas@pawb.social
on 16 Nov 2023 18:58
collapse
They claim it in the article, and in a few other publications, but I haven’t seen anything that explicitly confirms, from sunbird, that this is the case, including on their website. They also make claims on their website that conflict with that architecture, as I don’t believe it would be possible to E2E encrypt messages like they claim they do. I kinda wonder if the Mac Mini claim is an assumption that everyone just ran with, without confirming that it’s true. I could be wrong though, I’ll gladly eat my words if anyone has a primary source to cite, but that architecture and business model just doesn’t appear to be compatible with their claims.
cheese_greater@lemmy.world
on 15 Nov 2023 13:50
collapse
Incredibly elaborate and provocative reply, fellow underscorer
Moonrise2473@feddit.it
on 15 Nov 2023 04:10
nextcollapse
How it probably works: you’re giving them your apple id login details and they setup iMessage on a Mac mini in their server farm. They proxy everything. End to end encryption is no more and they’re lying about it or intentionally vague. Like “end to end encryption until their server”
Because they would need to purchase and maintain a massive amount of Mac minis, and probably also playing cat and mouse with Apple, this is expensive and has an ongoing cost. What’s funding this? OEM wanting to have this on their phones? Chat contents for LLM training? Worse like bots using your apple id for posting fake app reviews?
Because I can’t imagine Nothing paying a recurring fee forever to them, with the small margin they have it should be a small one time fee
can@sh.itjust.works
on 15 Nov 2023 04:44
nextcollapse
Beeper also does this.
beejjorgensen@lemmy.sdf.org
on 15 Nov 2023 06:00
nextcollapse
the coveted green bubble messaging
I guess some people just have different priorities than I do. :)
pete_the_cat@lemmy.world
on 15 Nov 2023 10:27
collapse
It’s pretty ridiculous in the Apple world, the will look down on you if your first bubble isn’t the same as theirs and their friends.
2xsaiko@discuss.tchncs.de
on 15 Nov 2023 11:53
collapse
It’s just the network effect. Here unfortunately it’s WhatsApp, you pretty much have to use it because people organize events in groups with it and whatnot, and you’re the weirdo if you don’t have it. I actually deleted my account for a couple years but recently caved and made one again because people just wouldn’t use anything else and having someone else relay messages is annoying for both them and me.
I use iMessage when it’s available but I wish for groups (or just in general tbh) everyone would just use Signal because it’s both not tied to an expensive device and also not owned by a corporation with a track record of shamelessly exploiting user data.
iMessage is deliberately used as a “buy an iPhone or else”. Imagine if Google refused to show search results, emails, or DNS traffic for Apple and we just said it’s because people are tribal or some shit.
Apple needs to open up iMessage or adopt RCS for it to be “network effect”
2xsaiko@discuss.tchncs.de
on 16 Nov 2023 12:56
nextcollapse
Okay, sure, that’s just all of Apple’s software though. With a few exceptions (Apple Music and Safari for Windows (RIP) I believe) all their software has only been available for their own operating systems. And (especially since I’m a Linux user) it would be great if cross-platform software were the standard, I don’t think software can be truly cross-platform without being open source. And as much as I think forcing every company to open source all their code would be epic, I don’t think it’s reasonable, as much as I don’t think it’s reasonable to force them to port to every platform.
Rather I think that generally all software anyone can legally obtain should require any sort of file format, network protocol, or other protocols that are used to transfer information between computers to have (usable) public domain documentation, plus, in case the protocol makes use of device authentication, anyone to obtain a valid certificate for their device. This would solve the iMessage problem because it would allow anyone to write clients for it for any platform, but it would solve the same problem for iCloud, Microsoft Office (LibreOffice could have so much better compatibility if they didn’t have to reverse-engineer the file format), Photoshop, Dis “custom clients are against TOS” cord, and thousands of other proprietary software. Because those are all the same exact problem as far as I’m concerned.
Maybe you’re saying something along the same lines. But I don’t think it’s specifically an iMessage problem.
It’s not exclusively an iMessage problem, you’re right but it is for teenagers. This is probably the weakest point of my position but teenagers in my experience don’t peer pressure over tech specs but off obvious shit. iMessage directly shows you who is a green bubble or blue and who is going to send you compressed as hell videos and shit because of it.
Apple deliberately created a distinction of their own making with iMessage by making the bubbles different colors and refusing to support features to improve green bubbles for over a decade now. But the people who are razzing and peer pressuring aren’t exactly going to understand that iMessage wasn’t special tech or anything. RCS was out three years in advance to iMessage and all Apple had to do was allow it on iPhones.
Now outside of teenagers I have never really seen someone pressure people to have an iPhone. It’s a really childish thing to do because they’re really the same damn thing for the most part.
2xsaiko@discuss.tchncs.de
on 16 Nov 2023 18:52
nextcollapse
That’s good news. Apple has been dragging ass and forced again to do something to benefit others. USBC, Sideloading, and RCS. If they keep this up in 5 years they might think 8GB of RAM isn’t enough for a $2000 laptop.
pete_the_cat@lemmy.world
on 19 Nov 2023 20:37
collapse
Yeah, it’s literally just to make the iPhone seem more exclusive. Apple loves to make their products seem elite and exclusive.
pastermil@sh.itjust.works
on 15 Nov 2023 06:09
nextcollapse
“big win” for the US, nothing of value to the rest of the world.
threaded - newest
I don’t recommend buying a nothing phone because of iMessage integration. It’s unlikely to last long, and they obviously haven’t explained how they’re pulling it off while not breaking E2E encryption and account privacy.
They haven’t explained it because it’s a giant security issue. If it wasn’t, they would have included it in the announcement.
Just another company trying to ride the wave of free press.
According to some YouTubers that spoke to the CEO it runs through a Mac Mini on a server farm
How would they e2ee this without intercepting the messages? Also the irony of fighting against an exclusionary service by making your access tool also exclusionary …
In the article it mentions that the service is run by sunbird. Just by reading their FAQ it doesn’t actually sound like they are MITM’ing messages via some mac server somewhere. It actually sounds more plausible to me that they are doing all the magic “on device”. They specifically mention that this won’t work on multiple phones at the same time, that’s what’s tipping me off.
What I suspect is happening is that the phone itself is spoofing an actual iPhone, and connecting to Apple servers as if it is one. Normally you wouldn’t be able to do this, Apple sells the phones, so they know all the serial numbers that should be able to access iMessage, and would be able to block anything that doesn’t report to be a real iPhone. What I think may be happening is that sunbird could be buying up pallets of dead, old, or otherwise unusable iPhones for pennies on the dollar, and using those serial numbers to pretend they were an iPhone from another device (like the nothing phone) directly.
This would make sense with their business model, according to their FAQ they have “no reason to charge money” for their product yet. Buying access to iMessage for a few bucks upfront with no ongoing cost would match up with what they are claiming, and it would be extremely hard for Apple to detect on their end, as they would appear to be all sorts of models, bought at different times, in different places, and signed in by real people.
I want to reiterate that this is pure speculation on my part, it’s just a theory. Which this would mean that (in theory) chats could (and would) be E2E encrypted from sender to receiver, ultimately it’s still Nothing/Sunbird’s app, so they could be doing anything with it on device.
According to JerryRigEverything, they actually run you through a mac mini on their server farm. He said he has info about that confirmed by the devs. Not sure what’s true, but i usually trust him, seems like a good guy.
MKBHD said the same, apparently confirmed by their CEO
It also says that in the linked article itself lmao
You wrote a whole essay speculating when it literally says in the article:
They claim it in the article, and in a few other publications, but I haven’t seen anything that explicitly confirms, from sunbird, that this is the case, including on their website. They also make claims on their website that conflict with that architecture, as I don’t believe it would be possible to E2E encrypt messages like they claim they do. I kinda wonder if the Mac Mini claim is an assumption that everyone just ran with, without confirming that it’s true. I could be wrong though, I’ll gladly eat my words if anyone has a primary source to cite, but that architecture and business model just doesn’t appear to be compatible with their claims.
Incredibly elaborate and provocative reply, fellow underscorer
How it probably works: you’re giving them your apple id login details and they setup iMessage on a Mac mini in their server farm. They proxy everything. End to end encryption is no more and they’re lying about it or intentionally vague. Like “end to end encryption until their server”
Because they would need to purchase and maintain a massive amount of Mac minis, and probably also playing cat and mouse with Apple, this is expensive and has an ongoing cost. What’s funding this? OEM wanting to have this on their phones? Chat contents for LLM training? Worse like bots using your apple id for posting fake app reviews?
Because I can’t imagine Nothing paying a recurring fee forever to them, with the small margin they have it should be a small one time fee
Beeper also does this.
I guess some people just have different priorities than I do. :)
It’s pretty ridiculous in the Apple world, the will look down on you if your first bubble isn’t the same as theirs and their friends.
It’s just the network effect. Here unfortunately it’s WhatsApp, you pretty much have to use it because people organize events in groups with it and whatnot, and you’re the weirdo if you don’t have it. I actually deleted my account for a couple years but recently caved and made one again because people just wouldn’t use anything else and having someone else relay messages is annoying for both them and me.
I use iMessage when it’s available but I wish for groups (or just in general tbh) everyone would just use Signal because it’s both not tied to an expensive device and also not owned by a corporation with a track record of shamelessly exploiting user data.
It’s really not the network effect.
iMessage is deliberately used as a “buy an iPhone or else”. Imagine if Google refused to show search results, emails, or DNS traffic for Apple and we just said it’s because people are tribal or some shit.
Apple needs to open up iMessage or adopt RCS for it to be “network effect”
Okay, sure, that’s just all of Apple’s software though. With a few exceptions (Apple Music and Safari for Windows (RIP) I believe) all their software has only been available for their own operating systems. And (especially since I’m a Linux user) it would be great if cross-platform software were the standard, I don’t think software can be truly cross-platform without being open source. And as much as I think forcing every company to open source all their code would be epic, I don’t think it’s reasonable, as much as I don’t think it’s reasonable to force them to port to every platform.
Rather I think that generally all software anyone can legally obtain should require any sort of file format, network protocol, or other protocols that are used to transfer information between computers to have (usable) public domain documentation, plus, in case the protocol makes use of device authentication, anyone to obtain a valid certificate for their device. This would solve the iMessage problem because it would allow anyone to write clients for it for any platform, but it would solve the same problem for iCloud, Microsoft Office (LibreOffice could have so much better compatibility if they didn’t have to reverse-engineer the file format), Photoshop, Dis “custom clients are against TOS” cord, and thousands of other proprietary software. Because those are all the same exact problem as far as I’m concerned.
Maybe you’re saying something along the same lines. But I don’t think it’s specifically an iMessage problem.
It’s not exclusively an iMessage problem, you’re right but it is for teenagers. This is probably the weakest point of my position but teenagers in my experience don’t peer pressure over tech specs but off obvious shit. iMessage directly shows you who is a green bubble or blue and who is going to send you compressed as hell videos and shit because of it.
Apple deliberately created a distinction of their own making with iMessage by making the bubbles different colors and refusing to support features to improve green bubbles for over a decade now. But the people who are razzing and peer pressuring aren’t exactly going to understand that iMessage wasn’t special tech or anything. RCS was out three years in advance to iMessage and all Apple had to do was allow it on iPhones.
Now outside of teenagers I have never really seen someone pressure people to have an iPhone. It’s a really childish thing to do because they’re really the same damn thing for the most part.
Holy shit btw discuss.tchncs.de/post/6394690
That’s good news. Apple has been dragging ass and forced again to do something to benefit others. USBC, Sideloading, and RCS. If they keep this up in 5 years they might think 8GB of RAM isn’t enough for a $2000 laptop.
Yeah, it’s literally just to make the iPhone seem more exclusive. Apple loves to make their products seem elite and exclusive.
“big win” for the US, nothing of value to the rest of the world.
Ars Technica covered this much better
arstechnica.com/…/nothing-phone-says-it-will-hack…
Basically, the company providing the service is shady and should not be trusted.