Earlier this year Gill had become intrigued by how Apple’s push notification service works, and how these bidirectional notifications might offer some clues into breaking open Messages.
First, he had to better understand how the Apple ID worked, so he reverse engineered how Apple Music operated on a Windows computer. He noted the traffic and how a non-Apple device registered with Apple servers. Next, he noted how a macOS computer signs into iMessage, then inspected that traffic. Then he reproduced it all in Python.
He began to put together a proof-of-concept that examined the various handoffs between the Apple ID, its push notification service, and its messaging technologies.
“In theory, iMessage uses public encryption keys, because that’s how end-to-end encryption works,” Gill says. (Gill is correct, in that asymmetric encryption or public-key cryptography relies on a public-private key pairing; one is used to encrypt a message, and the other to decrypt it.) “Pypush actually figures out how we can publish those keys to Apple’s key server and how you can retrieve keys from Apple’s key server,” Gill says.
“His proof of concept demonstrates that on any computer with Python, you can sign into iMessage and send and receive messages,” Migicovsky says. He was so impressed with Gill that he offered him a contract to work part-time at Beeper. Gill accepted, with parental approval.
Gill’s mother, Erin Gill, says she and her husband were slightly concerned about Gill’s ability to manage his time as a junior in high school, but he had handled his part-time job at McDonald’s well enough that they told him to “go for it.” His father is a computer engineer and helped him with the details of the contract. “I’m an artist, and I understood almost nothing of what he was telling me, other than he was excited about it,” Erin Gill says.
Migicovsky and the team quickly took Gill’s proof of concept, rewrote it, and added new features to it: support for photo and video sharing, group chat dynamics, and even someone’s typing status when they’re drafting a message. Over the past three months, the team folded all of those features into Beeper. The company’s original app, Beeper Cloud, still uses the Mac mini servers, but the new Beeper Mini runs entirely within the app client.
Color Wars
Migicovsky insists he’s not rushing out BeeperMini just because other upstarts have recently tried to hack Apple’s Messages, or because Apple recently acquiesced to a newer, Google-supported messaging standard that might make the blue-bubble/green-bubble wars less fraught.
“We were planning to launch this two weeks before Nothing tried this, but we decided to hold off,” Migicovsky says.
