Apple’s most valuable intangible asset isn’t its patents or copyrights - it’s an army of people who believe that using products from a $2.89 trillion multinational makes them members of an oppressed religious minority whose identity is coterminal with the interests of Apple’s shareholders.
–
If you’d like an essay-formatted version of this thread to read or share, here’s a link to it on pluralistic.net, my surveillance-free, ad-free, tracker-free blog:
https://pluralistic.net/2024/01/12/youre-holding-it-wrong/#if-dishwashers-were-iphones
1/
This is not good for Apple customers. It exposes them to continuous, serious privacy risks. Our mobile devices are keepers of our most intimate secrets, and when mobile security fails, the consequences are grave, as Apple discovered in the hardest way possible, ten years ago:
https://en.wikipedia.org/wiki/2014_celebrity_nude_photo_leak
Apple’s answer to this is grimly hilarious. The company’s position is that if you want to have real security in your communications, you should buy your friends iPhones.
31/
Presumably, if those friends - or merchants, or colleagues - don’t want to change operating systems and throw away their device and all their apps, you should just stop talking to them:
One of the clinical signs that someone is in a cult is that they are encouraged to isolate themselves from people who aren’t also in that cult:
https://en.wikipedia.org/wiki/Isolation_to_facilitate_abuse#In_cults
32/
But there are billions of Apple customers and only a small (but vocal and obnoxious!) minority of those customers are actual cult members, which means that there are billions of people who’d prefer to have private, secure communications with everyone in their lives, not just their fellow Apple customers.
33/
That’s where #BeeperMini comes in: it’s a third-party Android version of iMessage that builds on the work of a teenager who reverse-engineered iMessage and found a way to let Android users receive secure messages sent by Apple customers:
34/
This was an immense service to Apple customers, correcting a gaping security vulnerability in Apple’s flagship product, that had been deliberately introduced, putting the company’s profits ahead of its customers’ safety and privacy.
Apple immediately rolled out a series of countermeasures to block Beeper Mini. When The @verge@mastodon.social’s @davidpierce@mastodon.social asked them why, Apple said they did it to protect their customers’ security (!!):
35/
The company claimed that there was some nonspecific way in which Beeper Mini weakened the security of Apple customers, though they offered no evidence in support of that claim. Remember, the gold standard for security claims is #ProofOfConcept code, not hand-waving:
36/
For its part, #Beeper engaged in a brief but intense cat-and-mouse game with Apple, taking countermeasures and countercountermeasures to preserve Apple customers’ access to secure communications with Android users:
37/
Apple used its $3 trillion megaphone to condemn Beeper Mini even after Beeper published source code for Beeper Mini so anyone could verify that nothing nefarious was going on:
Meanwhile, Apple’s cultists rallied behind the company. Not only would No True Apple Customer ever want to have secure communications with an Android user, but it was unfair for Beeper to profit by accessing Apple’s messaging infrastructure, which Apple has to pay to maintain.
38/
This is some serious upside-down cult logic. Beeper isn’t accessing Apple’s infrastructure: Apple’s customers are accessing Apple’s infrastructure. If there were no Apple customers trying to talk to Android users, there would be no load on Apple’s servers.
But those customers don’t count. They aren’t real Apple customers, because they want to do things that benefit them, not Apple’s shareholders. In other words: they’re holding it wrong.
39/
@pluralistic@mamot.fr I seem to recall one passionate pro-Apple commenter specifically argue that Beeper Mini somehow hacked/trespassed on Apple’s infrastructure/IP, thus the weakened security of iMessage.
They’re not necessarily wrong in the claim that Beeper Mini is a hack. It is, in the sense it subverts the assumption that only Apple devices can use Apple services. It’s also quite ironic:
@pluralistic@mamot.fr
Stupid anecdote but…
I’m on a pickup soccer group iMessge. They wouldn’t let me join due to the bubble colors going blue/green (I wouldn’t know or notice as I never use Apple stuff). I had someone volunteer to be my intermediary and let me know when when who was in for 8 months.
Eventually I found an iPhone someone was willing to give me and I only use it for that group text now.
@pluralistic@mamot.fr IIRC, I think that the argument was that Beeper was a literal man-in-the-middle. Ergo, the blue bubble which means it’s encrypted was now silently decrypted by a party (Beeper) that users didn’t choose and couldn’t opt out of. Beeper literally made it work by running iMessage on their own Macs and relaying the messages to the app, right? That architecture undermine iMessage security for anyone unknowingly routing messages through that, no?