iMessage may be coming to Android with Sunbird

Posted:
in General Discussion
Android users may finally get an easy way to get iMessage in 2023 thanks to a new app called Sunbird.

Sunbird Messenger
Sunbird Messenger


Launching in closed beta, for now, Sunbird claims it's the first and only fully-featured iMessage for Android app. It doesn't require a relay server, Apple device, or desktop software, only an Apple ID.

It supports encryption, full-quality photos and videos, iMessage group chats, reactions, tapbacks, live-typing indicators, and read receipts.

Apple's iMessage service is the main focus for now. In a conference with AppleInsider, the Sunbird team called it it the "low-hanging fruit" as they noticed how many Google searches exist for terms such as "iMessage on Android."

However, Sunbird aims to be a unified messaging app for many more services, including WhatsApp, Facebook Messenger, SMS/MMS, and others that the company will add in the future.

"We've solved 14 years of communications challenges associated with Android messaging," states Danny Mizrahi, CEO, and Founder of Sunbird Messaging. "By inventing new technology that gives Android users iMessage on Android, one can enjoy the most popular functions and features uniting the top messaging apps that people use every day. One inbox for all your messages."

The product roadmap for other messaging services includes Telegram, RCS, Instagram Direct Messaging, Slack, Signal, and Discord.

Sunbird is quick to mention that its servers never store personal data or third-party login information. All message types are end-to-end encrypted except for SMS, which doesn't support such security.

What Sunbird looks like
What Sunbird looks like


The company also plans to build a web app for Sunbird, but it doesn't have plans for an iOS app, at least currently.

Sunbird will roll out invitations in phases to join the closed beta user group beginning in late 2022. So far, the company hopes for a public release in mid-2023.

The app will be free for the foreseeable future.

It's still early...

AppleInsider attended a presentation of the announcement. Sunbird showed a few demonstrations of the app, such as adding an integration with iMessage.

There wasn't a clear indication if it was a live demo or not. The team did mention that their app is still in the early alpha stage.

They did answer a couple of questions surrounding privacy and security. Sunbird mentioned this subject more than once, saying that they don't store any user data or messages.

Services that it plans to include, such as iMessage and Signal, rely on end-to-end encryption. We asked if the company has done an independent security audit, and the team said that was on the roadmap for the future.

If the app does work as intended, it could be a major breakthrough for Android users. Instead of relying on non-encrypted methods such as Facebook Messenger or SMS, Sunbird may be able to provide a more private way to communicate with Apple friends and family.

Read on AppleInsider

Comments

  • Reply 1 of 15
    thttht Posts: 5,421member
    Uh, Sunbird is going to host a version of Messages inside its app? Run a browser inside its app that is a Messages client? Same with WhatsApp, Signal, Telegram and whatever E2EE app? The end point has to include the services client code to decrypt the messages for display. 
    watto_cobra
  • Reply 2 of 15
    I haven't read the iMessage API documentation, but if it can be done 'legally' then Google would've jumped on that bandwagon ages ago. I'm skeptical
    anonymousedanoxronnlolliverKTRlkruppgregoriusmtwokatmewJaiOh81watto_cobra
  • Reply 3 of 15
    zimmiezimmie Posts: 651member
    I haven't read the iMessage API documentation, but if it can be done 'legally' then Google would've jumped on that bandwagon ages ago. I'm skeptical
    There is no iMessage API documentation, primarily because there is no iMessage API (at least not for writing iMessage clients). They probably reverse-engineered iMessage's traffic flow and found a way to write their own client. It wouldn't be hugely difficult. The techniques to do this (and to keep it legal) are very well understood. They're time-consuming, though, and the result could be fragile.

    I doubt Apple could target this client and ban anybody using it. I also don't see them going out of their way to break it, but if a change eventually does break it, Apple definitely won't care.
    lkruppwatto_cobra
  • Reply 4 of 15
    Will the message bubbles for messages being sent to Sunbird users be blue or green? My guess is that they will be green. Colour is a big deal to young people, according the WSJ article called: "Why Apple’s iMessage Is Winning: Teens Dread the Green Text Bubble".
    KTRwatto_cobra
  • Reply 5 of 15
    KTRKTR Posts: 279member
    This is like building a Mac clone.  Apple legal shut them down.  But we see
    lkruppwatto_cobra
  • Reply 6 of 15
    genovellegenovelle Posts: 1,480member
    zimmie said:
    I haven't read the iMessage API documentation, but if it can be done 'legally' then Google would've jumped on that bandwagon ages ago. I'm skeptical
    There is no iMessage API documentation, primarily because there is no iMessage API (at least not for writing iMessage clients). They probably reverse-engineered iMessage's traffic flow and found a way to write their own client. It wouldn't be hugely difficult. The techniques to do this (and to keep it legal) are very well understood. They're time-consuming, though, and the result could be fragile.

    I doubt Apple could target this client and ban anybody using it. I also don't see them going out of their way to break it, but if a change eventually does break it, Apple definitely won't care.
    Considering the keys to Apple’s iMessage encryption lives on the device in the Secure Enclave I’m curious how this would work. Unless it intercepts text messages that have too much data and makes them more accessible and iMessage like. 
    williamlondonwatto_cobra
  • Reply 7 of 15
    KTR said:
    This is like building a Mac clone.  Apple legal shut them down.  But we see
    I doubt Apple could shut this down. Since the APK can be sideloaded onto Android, it could continue to be distributed outside of the Play store. If their app is perfectly mimicking the API client of iMessage on an older iOS version like 13 or 14, it would be very difficult for Apple to distinguish between the unauthorized client and a geniune iDevice and extremely difficult to block, since they no longer update those OSes.

    genovelle said:
    Considering the keys to Apple’s iMessage encryption lives on the device in the Secure Enclave I’m curious how this would work. Unless it intercepts text messages that have too much data and makes them more accessible and iMessage like. 

    Most (if not all modern) Android devices include a secure enclave as well. When the user signs in to iMessage for the first time on the device by authenticating with their iCloud credentials, that is when the client generates the encryption keys, stores the private key in the secure enclave, and registers the public key with the iMessage server.  So long as they have fully rerverse-enginered the API protocol from sign-in to sending/receiving messages, then it is pretty straightforward and largely identical to the iPhone workflow for the same operations.
    edited December 2022 watto_cobra
  • Reply 8 of 15
    This might get shutdown either through API changes or Apple legal, but I think it would be great if Apple allowed other systems to implement an Apple Messages Lite with just core E2EE messaging. It would benefit Apple having more users with Apple IDs and an iPhone would still be required for integration with the App Store ecosystem. It would benefit Apple users and Apple's privacy stance since your texts to android users would be secure.
    watto_cobra
  • Reply 9 of 15
    I haven't read the iMessage API documentation, but if it can be done 'legally' then Google would've jumped on that bandwagon ages ago. I'm skeptical
    There is no documentation or SDK for Apple Messages. It is probably not legal or it won't be in the future. All Apple needs to do is forbid it in their Apple ID user agreement. An open source non-commercial program could probably get away with it, but a commercial entity would probably need to get Apple's permission. 

    There is only an SDK for iOS apps to embed inside of a messages chat through an extension API. That obviously wouldn't be supported by any third party chat system since it would require the full iOS operating system.
    edited December 2022 watto_cobrawilliamlondon
  • Reply 10 of 15
    It doesn't require a relay server, Apple device, or desktop software, only an Apple ID.

    It does require a relay server, it's just they provide one for you, presumably including a virtual Mac.

    What they are describing sounds a lot like Matrix using the puppet bridge:
    https://matrix.org/docs/projects/bridge/matrix-appservice-imessage




    watto_cobra
  • Reply 11 of 15
    avon b7avon b7 Posts: 7,625member
    "If the app does work as intended, it could be a major breakthrough for Android users. Instead of relying on non-encrypted methods such as Facebook Messenger or SMS, Sunbird may be able to provide a more private way to communicate with Apple friends and family"

    I can't see any major breakthrough for Android users. They don't have to rely on unencrypted messages (and Messenger is available on iOS too).

    If anything, the breakthrough would be for iOS users as many Messages users probably don't know their messages are being sent, unencrypted, as SMS to Android users in their address books. 

    Added to that, Messages is probably not used very much at all outside the US. I know no iOS user that uses it. 

    It is basically Whatsapp all the way for everyone. 

    muthuk_vanalingam
  • Reply 12 of 15
    zimmie said:
    I haven't read the iMessage API documentation, but if it can be done 'legally' then Google would've jumped on that bandwagon ages ago. I'm skeptical
    There is no iMessage API documentation, primarily because there is no iMessage API (at least not for writing iMessage clients). They probably reverse-engineered iMessage's traffic flow and found a way to write their own client. It wouldn't be hugely difficult. The techniques to do this (and to keep it legal) are very well understood. They're time-consuming, though, and the result could be fragile.

    I doubt Apple could target this client and ban anybody using it. I also don't see them going out of their way to break it, but if a change eventually does break it, Apple definitely won't care.
    I haven't read the iMessage API documentation, but if it can be done 'legally' then Google would've jumped on that bandwagon ages ago. I'm skeptical
    There is no documentation or SDK for Apple Messages. It is probably not legal or it won't be in the future. All Apple needs to do is forbid it in their Apple ID user agreement. An open source non-commercial program could probably get away with it, but a commercial entity would probably need to get Apple's permission. 

    There is only an SDK for iOS apps to embed inside of a messages chat through an extension API. That obviously wouldn't be supported by any third party chat system since it would require the full iOS operating system.
    https://developer.apple.com/documentation/messages
  • Reply 13 of 15
    zimmiezimmie Posts: 651member
    genovelle said:
    zimmie said:
    I haven't read the iMessage API documentation, but if it can be done 'legally' then Google would've jumped on that bandwagon ages ago. I'm skeptical
    There is no iMessage API documentation, primarily because there is no iMessage API (at least not for writing iMessage clients). They probably reverse-engineered iMessage's traffic flow and found a way to write their own client. It wouldn't be hugely difficult. The techniques to do this (and to keep it legal) are very well understood. They're time-consuming, though, and the result could be fragile.

    I doubt Apple could target this client and ban anybody using it. I also don't see them going out of their way to break it, but if a change eventually does break it, Apple definitely won't care.
    Considering the keys to Apple’s iMessage encryption lives on the device in the Secure Enclave I’m curious how this would work. Unless it intercepts text messages that have too much data and makes them more accessible and iMessage like. 
    iMessage clients just hand the servers a public key. The servers don't have any way to know where the device actually stores that key. In fact, iMessage predates the Secure Enclave. A reverse-engineered client just needs to create a suitable key pair and stick the public key in the enrollment request when the user signs in. As long as it makes the same requests as Messages on an iPhone, and as long as it handles the responses the same way, the servers have no way to tell it isn't really Messages on an iPhone.

    It's functionally the Turing test, except the interrogator trying to differentiate between the computer and the person is a computer, and it only speaks the iMessage protocol. As long as the other two parties to the test speak the iMessage protocol equally well, the interrogator won't be able to tell the difference.
    I haven't read the iMessage API documentation, but if it can be done 'legally' then Google would've jumped on that bandwagon ages ago. I'm skeptical
    There is no documentation or SDK for Apple Messages. It is probably not legal or it won't be in the future. All Apple needs to do is forbid it in their Apple ID user agreement. An open source non-commercial program could probably get away with it, but a commercial entity would probably need to get Apple's permission. 

    There is only an SDK for iOS apps to embed inside of a messages chat through an extension API. That obviously wouldn't be supported by any third party chat system since it would require the full iOS operating system.
    Reverse engineering for interoperability is specifically protected by every copyright system I'm familiar with. It's definitely protected in the USA.
    zimmie said:
    I haven't read the iMessage API documentation, but if it can be done 'legally' then Google would've jumped on that bandwagon ages ago. I'm skeptical
    There is no iMessage API documentation, primarily because there is no iMessage API (at least not for writing iMessage clients). They probably reverse-engineered iMessage's traffic flow and found a way to write their own client. It wouldn't be hugely difficult. The techniques to do this (and to keep it legal) are very well understood. They're time-consuming, though, and the result could be fragile.

    I doubt Apple could target this client and ban anybody using it. I also don't see them going out of their way to break it, but if a change eventually does break it, Apple definitely won't care.
    I haven't read the iMessage API documentation, but if it can be done 'legally' then Google would've jumped on that bandwagon ages ago. I'm skeptical
    There is no documentation or SDK for Apple Messages. It is probably not legal or it won't be in the future. All Apple needs to do is forbid it in their Apple ID user agreement. An open source non-commercial program could probably get away with it, but a commercial entity would probably need to get Apple's permission. 

    There is only an SDK for iOS apps to embed inside of a messages chat through an extension API. That obviously wouldn't be supported by any third party chat system since it would require the full iOS operating system.
    https://developer.apple.com/documentation/messages
    That's to interact with the application Messages on an iPhone, iPad, or Mac. It has absolutely nothing to do with iMessage the protocol.
    watto_cobramuthuk_vanalingam
  • Reply 14 of 15
    I have no idea how they are managing this without having Apple's blessing. Something is suspicious.
    williamlondonwatto_cobra
  • Reply 15 of 15
    They must be spoofing Apple's activation servers. Which is a process they patented. Also I wouldn't be surprised that there is a device specific certificate that has been encoded at the factory for all the new Secure Storage in Apple's ARM chips and the T2 chips. Once they EOL all the hardware that doesn't have one of those chips they can force an activation utilizing that device specific certificate. Even if they manage to extract and try to clone one of those hardware certs Apple can easily revoke it as compromised.
Sign In or Register to comment.