this post was submitted on 07 Dec 2023
61 points (79.6% liked)
Piracy: ꜱᴀɪʟ ᴛʜᴇ ʜɪɢʜ ꜱᴇᴀꜱ
54716 readers
183 users here now
⚓ Dedicated to the discussion of digital piracy, including ethical problems and legal advancements.
Rules • Full Version
1. Posts must be related to the discussion of digital piracy
2. Don't request invites, trade, sell, or self-promote
3. Don't request or link to specific pirated titles, including DMs
4. Don't submit low-quality posts, be entitled, or harass others
Loot, Pillage, & Plunder
📜 c/Piracy Wiki (Community Edition):
💰 Please help cover server costs.
Ko-fi | Liberapay |
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
I definetely wouldn't trust that link; Beeper mini functionality requires you to conect to their servers for registration, initial handshake and push notifications so I don’t think there is a way to avoid a subscription
Edit for clarity: I wouldn't trust the apk you linked in your edit, not the original Beeper mini app in the play store
No. That is beeper.
Beeper mini is a stand alone app that was acquired by beeper that does not do the MITM shit.
See the comment by @cm0002 for details.
Still don't think it is a good idea. As another comment stated I expected apple to block it in the near future.
They do use their infrastructure to connect to Apple Notification Service servers when the app is not used, they do act as a Man In The Middle but in a secure, concise manner (not in a sketchy way). And they conect to their servers for registration and subscription status. You can read a more in depth explanation on their blog
https://blog.beeper.com/p/how-beeper-mini-works
Besides all that I'm not sure if someone who wants to create it's own implementation of all of this can do it without any apple device; reading jjtech technical explanation (https://jjtech.dev/reverse-engineering/imessage-explained/) where he explains pypush he mentions the obfuscation process for registering a device to apple servers, here is where pypush somehow manages to convince Apple that the machine is genuine, there is a mention there to some serial identifier stored on a file called data.plist, if someone wants to implement this proof of concept would need to give another serial identifier?