Update 12/11/23: Beeper Mini once again works to send iMessages, as announced in a Beeper blog post. Phone number registration does not work yet (they’re working on it) so users have to log in to an Apple ID, and messages must be sent and received via that Apple ID rather than your phone number. Beeper is still not relaying messages to a Mac, and only stores the authorization token. In addition, Beeper has made their service free to use for the time being.
Last week, we told you about Beeper Mini, an Android app that sends bonafide iMessages. Unlike other services that route your messages to a Mac server farm (which requires them to have your login token), Beeper claimed to have reverse-engineered Apple’s iMessage routing system and could trick the servers into thinking that a message was coming from a real Apple product.
Like other services, Beeper doesn’t get iCloud login details and doesn’t run its own servers—rather the team reversed-engineered iMessage and tricked Apple’s servers into thinking that messages from Beeper Mini were actually messages from Messages on an iPhone. It worked great, and the company was quite confident that it was on the right side of the law and that Apple couldn’t easily block Beeper Mini without also blocking iMessages sent from iPhones. Beeper was so confident, it went so far as to open-source much of its code.
It appears that confidence was misplaced, as it took Apple all of two days to effectively shut the app down. As reported on TechCruch, messages on Beeper Mini started getting errors that read “failed to lookup on server: lookup request timed out,” on Saturday. When TechCrunch asked Beeper CEO Eric Migikovsky whether Apple had found a way to break the connection with their app, he replied, “Yes, all data indicates that.” Then Apple confirmed that it had indeed closed the loophole Beeper was using and will do it again if Beeper finds another:
At Apple, we build our products and services with industry-leading privacy and security technologies designed to give users control of their data and keep personal information safe. We took steps to protect our users by blocking techniques that exploit fake credentials in order to gain access to iMessage. These techniques posed significant risks to user security and privacy, including the potential for metadata exposure and enabling unwanted messages, spam, and phishing attacks. We will continue to make updates in the future to protect our users.
Two days later, on December 11, Beeper Mini released an update that re-enabled iMessage functionality, with a caveat: You have to sign in with an Apple ID and send and receive messages via that address, as phone number registration is not working (Beeper is working on a fix). The service has also been made free for the time being. We expect Apple to try to find a way to shut it down again.
This brings us full circle, again, to those seeking to somehow enable iMessages on Android phones. Either you put your privacy and security at risk (as in the recent Nothing Chats / Sunbird disaster) or you rely on a hack that Apple is almost certainly going to shut down immediately.
If you want a better texting experience between your iPhone and those with Android phones, you’re going to have to wait until RCS comes to Apple devices later next year.