ranson

foregoneconclusion said:

ranson said: I fail to understand how this compromises YOUR security. It's very simple. If YOU don't want to use a third party store or sideloading to have access to an app, then YOU don't have to. See, no security problem for you. But others, who want to put software on their phone that Apple has declined to list in their App Store, should have that opportunity, given it is their device that they own.  None of that compromises YOUR security in any way.

That would only be true if there was a legal requirement for developers to make their app available in the App Store as well as in third party stores. 

 C'mon man, that's nonsense. First, such a "legal requirement" would be wholly unconstitutional. Nobody can require someone to sell their product in places they do not wish. Imagine if a law was passed requiring Sony to sell Playstations in both Target and Wal-mart.

Secondly, again, if the only reason you can trust an app is because it's in Apple's store, then you are holding on to a false sense of security. If you see an app in Apple's store, and think to yourself that the only reason you're buying is because it's in Apple's Store and you couldn't trust it otherwise; then you're doing it wrong.

Hedware said:

Somehow everybody gets asked except for consumers. As a owner of Apple products,  I do not want my privacy and security compromised because some lazy developers want to have open skies. They should attempt to build some decent apps. 

I fail to understand how this compromises YOUR security. It's very simple. If YOU don't want to use a third party store or sideloading to have access to an app, then YOU don't have to. See, no security problem for YOU. But others, who want to put software on their phone that Apple has declined to list in their App Store, should have that opportunity, given it is their device that they own.  None of that compromises YOUR security in any way.

I hear the argument that "well, there are apps that will move to their own stores instead of Apple's, and then we can't trust the app maker to not do nefarious things."  Fine, then don't install the app. If you can't trust their product because it's not in Apple's Store, then frankly, you can't trust the app at all and should not use it. Note that numerous scam apps are in the Apple Store already (see this AI article from just this morning), and popular apps like Tik Tok and Facebook actively track you in spite of the tracking transparency options. So again, if you think you wouldn't be able to trust them outside of the Apple store, those apps being in the Apple store is really no different. It's a completely false sense of security.

So nobody's security is unwillingly compromised here. We are adults, and we can make informed decisions about what apps to install, even when it runs counter to Apple's opinion. This harms no one except those who choose to go down that road and make bad choices.

KTR said:

This is like building a Mac clone.  Apple legal shut them down.  But we see

I doubt Apple could shut this down. Since the APK can be sideloaded onto Android, it could continue to be distributed outside of the Play store. If their app is perfectly mimicking the API client of iMessage on an older iOS version like 13 or 14, it would be very difficult for Apple to distinguish between the unauthorized client and a geniune iDevice and extremely difficult to block, since they no longer update those OSes.

genovelle said:

Considering the keys to Apple’s iMessage encryption lives on the device in the Secure Enclave I’m curious how this would work. Unless it intercepts text messages that have too much data and makes them more accessible and iMessage like. 

Most (if not all modern) Android devices include a secure enclave as well. When the user signs in to iMessage for the first time on the device by authenticating with their iCloud credentials, that is when the client generates the encryption keys, stores the private key in the secure enclave, and registers the public key with the iMessage server.  So long as they have fully rerverse-enginered the API protocol from sign-in to sending/receiving messages, then it is pretty straightforward and largely identical to the iPhone workflow for the same operations.

bloggerblog said:

That’s could become a controversial move since Tesla is a public traded company and Twitter is his private company. So borrowing employees from a public company can get weird. 

Not controversial at all. They will likely be paid as independent contractors by Twitter and receive a 1099 next year for tax purposes. One's original employer (Tesla in this case) cannot bar or punish the employee for simply working a second job unless it violates a non-compete or causes issues relating to performance at the original job.

"If the rumors of the new cutouts for Face ID and other systems are true, it will mark five years since Apple switched to the notch."

?? So if the rumors are false, it won't mark 5 years?  WTF is this sentence even trying to say?  No matter what happens, they switched to the Notch 5 years ago.