Introduction
Beeper is an app that connects multiple chat networks into one, such as SMS, iMessage, Whatsapp, Signal and others. Each message you send and receive are relayed through Beeper’s servers, which act as a bridge to convert these messages to a Matrix channel. (This can be cool since you can use multiple Matrix clients to message people using a different network). Beeper has always used a fleet of Mac Minis to relay iMessages, since historically Apple devices are the only way to expose iMessage to be used elsewhere. However, a recent reverse engineering proof-of-concept named Pypush is being actively developed by JJtech, a 16 year old security researcher who outsmarted Apple’s iMessage algorithm – never before attempted. This gained him a vast amount of popularity, especially after YouTuber “snazzy labs” released a video that grew the Pypush community by 8x and gave the project 3k stars in the first week.
Who is Beeper?
The Beeper team bought Pypush a couple months before all of this, and they recently made a new Matrix bridge, replacing the old one which was slower, unreliable, and was powered by Macs. Beeper Mini has just been released, soon to replace the original Beeper app, now named Beeper Cloud. Beeper Mini now does everything locally, no need for any separate servers or Matrix bridge. This app exploded in popularity, gaining 100k downloads in 36 hours. Beeper Mini is the single most defining move in the history of iMessage x Android apps, as many parodies, commentaries, and videos are being made about this app. Linus Tech Tips also talked about Pypush, JJtech, and Beeper Mini in the latest WAN show, and one of their sister channels has released a video here. US Senator Warren also made her opinions known on Twitter, as did many others.
Current Sentiment
However, with the good also comes the bad. Many people have made comments about this app about it being “insecure and a huge vulnerability for Apple”. These are the same people who are thinking you are hacking the government and expecting the FBI to take you to prison or something just because you jailbroke your iPhone. These comments are luckily being called out as BS, since Pypush is very much open source as well as Beeper, who currently has every one of their Beeper Cloud bridges open-sourced, and parts of Beeper Mini in the future (and they have been very transparent compared to other competitors, where communication is a huge problem in the community). You can see exactly how Beeper Mini works and all the technical details right here, which is also where you can find their product roadmap for future plans.
What Broke?
I bet you’re wondering an important question right now, does Apple like this? The answer is: no. No, not one bit. They were fine with the development of Pypush, but the second day Beeper Mini was released, they broke it. If you are interested in the technical details, here they are (I highly recommend you read JJtech’s article before continuing): when Pypush first connects, it requests an authentication certificate from Albert (which is required to connect to APNs), the first step in connecting to Apple’s servers. Device info is sent along with the request, and before we were identifying as a Windows device since Windows can use iTunes and that is what JJtech first developed on. However Windows devices do not have iMessage functionality, so Apple can easily see block devices that identify as Windows but try to send an iMessage.
Beeper’s Response
This was a simple fix but took a few days to implement. However, SMS-registration is still broken to this day due to unknown reasons. SMS-registration is the act of registering an Android phone number with iMessage so you can use your number as an alias within Beeper or any other Android iMessage client. To add onto that, Apple seems to be silently breaking people’s messages, as some can’t send or receive iMessages. Apple appears to be blocking the serials and device info Beeper Mini/Cloud and Pypush uses. This is yet to be fixed for everyone, but it seems Beeper has a solution for now.
Just a Theory…
Many are speculating this will be an infinite cat-and-mouse game between Pypush/Beeper and Apple, but no one knows how it’s going to shape out to be or end, as Apple did confirm they broke “unauthorized actors from gaining access to our system with fake credentials” which is absolute bullshit. We do however know that Apple has not broken iMessage with older devices such as the iPhone 4 or legacy Macs, which is a very good sign for us. The only reason Pypush would ever break is if Apple ever released an update to use the SEP (Secure Enclave Processor, all iPhones and all M series Macs) or T2 chip (Intel Macs starting with 2019) to integrate with iMessage. However many rightfully doubt this will ever happen since older Intel Mac models do not have these chips, and an update would be required – which many of Apple’s EOL devices would not be able to undergo, and even then very few people update their devices that often, and iMessage would be broken for all devices on iOS 17 or lower.
The Future of Beeper Mini
However that doesn’t mean Apple still won’t play a cat-and-mouse game, though eventually it will probably shape up Pypush and Beeper Mini to be more undetectable, and officially end the game. This is most likely since projects like this need much time to mature, and this is a very new product. Many speculate the reason Apple broke Beeper Mini was because it was $2/month, which creates a legal grey area because they were effectively selling the services of another company. Beeper Mini has since made their service free, planning to paywall it with new features in the future as they plan to add more networks and device compatibility.
Resources
JJtech’s article
Beeper Product Roadmap
How Beeper Mini Works
Beeper Mini’s return
From JJtech’s article
IMFreedom Knowledge Base: iMessage
M. Frister: pushproxy
Nicolás: APNs-dissector
QuarkSlab: iMessage Privacy
Garman et al. Chosen Ciphertext Attacks on Apple iMessage
NowSecure: Reverse Engineering iMessage
Elcomsoft: iMessage Security and Attachments
Eric Rabil’s open-imcore
The Apple Wiki: Apple Push Notification Service
Mihir Bellare and Igors Stepanovs: Security under Message-Derived Keys: Signcryption in iMessage
Apple Platform Security: How iMessage sends and receives messages securely
Nicolás: Apple IDS payload keys
Various people on the Hack Different Discord
Hey all, I’m glad you made it to the end of this post! Hopefully my website may be of interest to any of those keeping up with the latest news on Beeper/Pypush. If you see any errors or things I could do better about my posts or website, feel free to shoot me an email. Also, I’d love if any of you could show some support by leaving a comment, everything is welcome. Until next time!
I love what you guys are up too. This sort of clever work and exposure!
Keep up the great works guys I’ve added you guys to my own blogroll.
It’s appropriate time to make a few plans for the future and
it is time to be happy. I have read this post and
if I could I want to suggest you some fascinating things or suggestions.
Maybe you could write subsequent articles referring to this article.
I desire to learn even more things about it!
I truly appreciated the work you’ve put forth here. The sketch is tasteful, your authored material stylish, yet you appear to have developed some nervousness regarding what you intend to deliver next. Rest assured, I’ll return more regularly, much like I’ve done almost constantly, should you maintain this upward trajectory.
Stumbling upon this website was such a delightful find. The layout is clean and inviting, making it a pleasure to explore the terrific content. I’m incredibly impressed by the level of effort and passion that clearly goes into maintaining such a valuable online space.