• 1 Post
  • 58 Comments
Joined 1 year ago
cake
Cake day: June 15th, 2023

help-circle






  • Thanks for the links! I enjoyed reading about how iMessage is built on top of APN. That probably explains why I can reply to messages in arbitrary apps on my Apple Watch. :-)

    However, that doesn’t change my argument. Beeper is not a trusted party in this exchange. When they show my messages to their users, they are decrypting my messages and user activity in a way that is outside my zone of trust. They can then be nice and show it to their users in their app, or they can be nefarious and send that data to any other 3rd party for whatever purposes they want.

    This is a major security hole at the application layer, despite the network layer security that you’ve linked to.


  • The beeper application is not trusted by anyone except Beeper. As an Apple user, I trust Apple by buying their devices and participating in their services. I have no trust relationship with Beeper whatsoever. They have the the ability to decrypt my messages unbeknownst to me, and do whatever they want with them. Maybe they’ll display them to users nicely in the app. Maybe they’ll do something nefarious with them.

    Having user activity flow into 3rd parties is a major security problem. Maybe you don’t see it, but it’s real and it’s there. We’re still trying to clean up the adtech mess on the web after how many years?













  • I think when Apple announces battery life for watches, the measurement is for the current watch on the current software. Over time, yes your battery holds less charge, but also, the software gets new features that the newer hardware handles just fine, but the older hardware starts to struggle with. Apple doesn’t provide data for newer software on older devices. There’s no spec sheet from Apple saying, “if you upgrade your series 5/6 to WatchOS 9, you should expect this new, lower battery life.”

    But we all know newer, better features are going to use more compute - that’s just how technology works. So you either 1) cut off older devices from the newer features, which users get grumpy about, 2) provide the new features but don’t say anything about the impact or 3) provide new features but say how it impacts older devices and maybe provide toggles and system controls to enable/disable. I don’t think #3 is really in Apple’s DNA - that’s more of a Microsoft approach.