undefined | Better HN

story

0 pointsjmb991y ago0 comments

Some anecdata. I get a few dozen spam SMSs in any given month, as well as some spam phone calls (varies a lot by month - sometimes only 1-2, sometimes 20+). I have received a total of 2 spam iMessages (I remember them because they’re notable to exist), and 0 spam FaceTime audio calls, and I’ve had this phone number associated with iMessage since it was first released.

Regardless of the reason, there is substantially (many orders of magnitude) less spam on Apple’s networks, at least for me, when compared to SMS/RCS/telephony.

0 comments

dns_snek1y ago

I'm not debating the amount of spam but rather GP's claim that iMessage is hard to automate.

I showed that iMessage is trivial to automate and since you both claim that the amount of spam on the platform is very low, we can conclude that ease of automation isn't an important factor when it comes to iMessage spam.

Unless someone decides to move the goalposts we should therefore be in full agreement that Pebble being allowed to integrate with iMessage wouldn't have any appreciable effect on the amount of spam in the network.

vessenes1y ago

It is definitely harder to automate than SMS. Very large companies exist only to provide API-backed support for automated SMS.

In contrast you need to hook into Apple APIs / scripting / sqlite databases on trusted apple hardware in order to automate iMessage.

You imagine "Pebble" as one company and say "how hard can it be to turn this on?" As I said in the original comment, it's not that it's hard, it's that it can only be turned on for everyone and that will create a security issue that WILL have a substantial impact on the ecosystem. I didn't say, but believe it to be true that the alternative -- a vendor security assessment program covering software, hardware, architecture and cloud security is not worth Apple's time or money to do. I don't think they have any business reason to do so.

dns_snek1y ago

Can you stop moving the goalposts? There's a ready-to-go open source solution for MacOS [1] that exposes a REST API [2] for interacting with iMessage which allows automation and the sky hasn't fallen like you predicted it would. Professional spammers would no doubt be way ahead in capabilities.

Relying on clients to stop spam would break just about every security design principle so that could never be the primary spam filtering mechanism. Indeed, if you search Github, you'll find evidence of this [3].

Allowing a third party gadget to talk to an iPhone to send messages isn't going to open the floodgates to spam any more than they already are, for what I think are pretty obvious reasons. Anyone who could exploit those integrations can already exploit current APIs with exactly the same limitations.

> In contrast you need to hook into Apple APIs / scripting / sqlite databases on trusted apple hardware in order to automate iMessage.

And that wouldn't change, you would still need to pair a real iPhone to your fake "spammer edition" Pebble, and then your Apple ID and iPhone would quickly get banned. Presumably just like it does now if you abuse [1][2], otherwise that's just bad design.

It's frankly ridiculous that this is even being suggested on a "hacker" forum with nothing but wishy-washy qualifiers about how easy or "hard" it would be.

[1] https://bluebubbles.app/

[2] https://documenter.getpostman.com/view/765844/UV5RnfwM#0d8e0...

[3] https://github.com/ZekeSnider/Jared/issues/65

1 more reply

j / k navigate · click thread line to collapse

0 comments

dns_snek1y ago

I'm not debating the amount of spam but rather GP's claim that iMessage is hard to automate.

vessenes1y ago

It is definitely harder to automate than SMS. Very large companies exist only to provide API-backed support for automated SMS.

In contrast you need to hook into Apple APIs / scripting / sqlite databases on trusted apple hardware in order to automate iMessage.

dns_snek1y ago

> In contrast you need to hook into Apple APIs / scripting / sqlite databases on trusted apple hardware in order to automate iMessage.

It's frankly ridiculous that this is even being suggested on a "hacker" forum with nothing but wishy-washy qualifiers about how easy or "hard" it would be.

[1] https://bluebubbles.app/

[2] https://documenter.getpostman.com/view/765844/UV5RnfwM#0d8e0...

[3] https://github.com/ZekeSnider/Jared/issues/65

1 more reply

j / k navigate · click thread line to collapse