iSecureOS VS imessage

There's an iOS anti-malware application called iSecureOS. It claims to be open source uses a slightly modified version of the GPLv2 that GitHub still detects as GPLv2.

When looking at https://github.com/GeoSn0w/iSecureOS but according to https://old.reddit.com/r/jailbreak/comments/mocfu6/update_isecureos_v118_is_now_out_it_can_now_reset/ there was a new version supposed to be coming?

I understand your stance of only using AppleScript for AirMessage, as it allows for an installation that anybody can do on any supported Mac. It is nobody's fault except for Apple's that accessing many of iMessage's features requires the SIP to be disabled. Below, I will be quoting u/mqudsi from their article "iMessage for Windows - A labor of love that will never see the light of day" (a long, but very interesting read that I highly recommend). It seemed at the start that the best bet would be to focus on the (extremely limited) surface area of iMessage functionality exposed to AppleScript, which could be used – with some awkwardness and lots of guesswork – to at least implement some basic message forwarding capabilities. [...] but it soon became apparent that Apple had gone out of their way to quite intentionally and very secretively4 break even what limited functionality the AppleScript approach offered. I was aware that old versions of OS X did not sufficiently lock down AppleScript in such a way that would prevent the use of OS X as an iMessage proxy, and could have resorted to that approach from the very start. But I wanted to do this and I wanted to do it right. I wanted an elegant approach that I could deploy on the same machine I still used from time to time, without being stuck on an ancient (and insecure) legacy version of OS X and then, from the footnotes 4 Apple has never officially recognized the breakage of the AppleScript API, which blocked many operations pertaining to accessing existing chats and creating new ones, in subsequent macOS releases. 9 Messages.app doesn’t even offer AppleScript integration for incoming SMS messages, meaning there was no AS-based approach to getting notifications on incoming text messages from users not on the iMessage network. In this project, u/mqudsi did a wonderful documentation of what it was like to try and figure out iMessage forwarding from macOS. Whether or not his final solution required the SIP to be disabled, I'm not sure, but it sounds like he felt a newer version of macOS with the SIP disabled was more secure than using a legacy version that had more options available through AppleScript. Now, I am not going to argue against your point that disabling the SIP can be dangerous, and it can give an app unwanted access to important system files. However, I will argue that there are power users and other users who know exactly what they're doing, and who have no problem with disabling SIP in the name of accessing more features. There are even users who don't know much about it, but who are willing to learn. That was my case eight years ago when I first jailbroke my iPod Touch because I wanted more features (at the time, theming app icons and having animated scroll pages). I have been running jailbroken iOS every day since then, and I have been doing it safely and efficiently. At first, I had no idea what I was doing, but thanks to countless YouTube tutorials, written articles, and the help of r/jailbreak, I am now much more familiar and well-versed in the practice. In terms of macOS, my Mac has had its SIP disabled for close to eight months now with no problem, and with access to many iMessage features for both BlueBubbles and MyMessage. Even the OP of this post replied Yeah, I'm cool with running my Mac with SIP disabled, and while I am assuming here, I feel like they are just like I was eight years ago when I decided I was okay with jailbreaking my iPod, even if I wasn't 100% sure about how to do it. Now, I am going to steal/paraphrase an explanation from isaac#9000 from Discord. A computer, like a knife, is a tool. A dull knife, while a safer tool, is not as effective as a sharp knife. However, a dull knife is safer. Companies can choose to ship out dull knives in the name of keeping their customers safe, but it would be much better if they actually taught people how to safely use a sharp knife instead of restricting them to only being able to use a dull knife. Then, those who want to use a sharp knife can do so, and those who want to use a dull knife can also do so. This is just about exactly how I feel about the topic. In not having AirMessage utilize any features that require the SIP disabled, you are keeping the users much more safe. However, some users want to use a sharper knife and they know how to do so or are willing to learn. I feel like making an option to use AirMessage with the SIP disabled would be a good route to take, and of course I would recommend hiding it behind a bunch of warning screens and confirmation boxes so that you can verify that whoever wants to access those features/versions is able to knowingly do so. At the end of the day, AirMessage is your app, and all of the official versions should follow your vision for the app. As I understand it, you have a mission to make it as streamlined and easy as possible to install and set up AirMessage, and I both respect and commend that. With the recent release of AirMessage Cloud to the public, I feel like you have greatly improved the ease and usability of the application for new and inexperienced users, and that is great work that I'm sure the entire AirMessage community appreciates. If this vision of AirMessage is what will prevent it from implementing SIP disabled versions or jailbroken iOS versions, I understand that. However, you do seem at least somewhat open to the idea, as in this comment you showed approval for doing some kind of combination of AirMessage/SMServer so that the servers and clients could communicate with each other. SMServer can only run on jailbroken iOS, which is, in essence, very similar to SIP disabled macOS. Even if AirMessage were to one day implement a no SIP version, I do not expect you or anybody else to heavily promote it to the masses. This is a modification that can be dangerous, as you've said, but with the proper guidance and warnings, I am sure that people will be okay. I only really follow one rule for my computers'/smart devices' safety, and it protects both the modified and non-modified ones - Don't install anything that you don't trust or know where it came from. By following this one simple rule, I am sure that 99.99% of people will be okay. And even now, there are new tools such as iSecureOS by u/GeoSn0w that keep jailbroken iOS devices safe from malware and other vulnerabilities. I am sure that a similar tool exists or will exist for Macs that have their SIP disabled. I'm sorry for the lengthy response, but it is a topic that is very important to me. Let me know what your thoughts are, and as always, thank you for all your work on this amazing app.

Also: Source Code: https://github.com/GeoSn0w/iSecureOS

The nothing website claims:

> Nothing Chats is built on Sunbird's platform and all Chats messages are end-to-end encrypted, meaning neither we nor Sunbird can access the messages you're sending and receiving.

> Nothing is powered by Sunbird, and Sunbird's architecture provides a system to deliver a message from one user to another without ever storing it at any point in its journey. Messages are not stored on Sunbird's servers and are only live on your device – once a message is delivered, it can only be recovered locally from your personal device.

From: https://us.nothing.tech/pages/nothing-chats

The Verge claims:

> Marques Brownlee has also had a preview of Nothing Chats. He confirmed with Nothing that, similar to how other iMessage-to-Android bridge services have worked before, “...it’s literally signing in on some Mac Mini in a server farm somewhere, and that Mac Mini will then do all of the routing for you to make this happen.”

From: https://www.theverge.com/2023/11/14/23960516/nothing-chats-i...

It seems to me like if they are doing the typical thing of using a bridge like https://github.com/mautrix/imessage then that isn't really E2EE, the messages are being stored, and could be accessed by Sunbird. I don't really see how their claims could be true. Does anyone know? Am I missing something?

If you're willing to dive deep into self-hosting, the open source chat protocol Matrix.org has support for an in-development iMessage bridge. Once you get it to work, there's a Matrix.org client on KaiOS devices called Chooj (sideloading guide) made by Farooq that you can use to access the chat.

iMessage bridge

The disadvantage of not offering an API for iMessage is that there is no easy way to block clients. Apps like Bluebubbles have to work by being installed on an actual Mac and scraping messages from iMessage and Beeper uses a similar architecture[0]. Presumably they have a data centre full of actual macs (or VMs).

[0] https://github.com/mautrix/imessage

I have an old Mac Mini rotting on a shelf in my cupboard which is my bridge to the world of Apple shit. It primarily runs two bits of software: OpenHaystack, which I used to run my own object trackers over the Apple Find My network and Mautrix iMessage which I used to access iMessage via Matrix on my Android and Windows devices.

I've switched from iPhone to a de-googled Android device, and am generally trying to extract myself from google and apple ecosystem lock-in. The last piece for me is trying to find a reasonable bridge for iMessages - but the baseline requirement is to have a Mac PC running 24x7 to act as a bridge for matrix or airmessage. Here's my question: the hardware and software requirements for iMessages are pretty minimal. MacOS Big Sur implemented a few messaging bits like inline replies which I'd like to keep, so that's my OS baseline. Has anyone managed to strip down a hackintosh hardware installation to absolutely minimal proxmox hardware demands (e.g. ram/cores)? If so, got a recommendation on an efficient build process?

I know how crazy it is in America, but I think at leat the HN crowd wouldn't be participating in that madness.

If you are disparate enough, you can use a matrix bridge to get blue bubbles from anywhere

https://github.com/mautrix/imessage

Yes, tulir works for beeper. But I think they stopped doing that iPhone thing, and if you use iOS there are less features available: https://github.com/mautrix/imessage/blob/master/ROADMAP.md

I have an Android phone and if you're desperate you can buy an old Mac Mini and set up an iMessage bridge over Matrix (https://github.com/mautrix/imessage) or BlueBubbles to work around this. I do not recommend it though as it locks you into a facet of the Apple ecosystem.