same. there seems to be a lot of people that don’t realize some things don’t get done, not because they’re impossible, but because as soon as they do it a company will put a stop to it.
it’s like cracking a Xbox or something. the very next patch will render the method obsolete and nonviable. when i heard this workaround was coming for Android, my immediate reaction was how long it would last before Apple just changed something so that it doesn’t work.
Their hope was that they got close enough to an actual Apple device that breaking it would break Apple devices. It turns out they weren’t close enough, but they could be with a few improvements.
I’m really curious about how it was detected, how it was different from Apple devices. If nothing else I’m looking forward to reading about how that all worked.
It is usually easy to detect a specific client. Like even if you ignore the keys there are dozens of little details like the TLS fingerprint of whatever library they use not matching iOS. Things that are easy to miss and sometimes hard to bypass. Then there are heuristics on how it is used is likely unique.
From what I understand, their guess is that Apple is now checking if the device also has support for other services, such as FaceTime. Beeper Mini and pypush don’t pretend to support FaceTime, so it breaks.
“Oh, what’s this unauthorized bullshit on our servers?”
[block]
I’m just surprised that it took this long
same. there seems to be a lot of people that don’t realize some things don’t get done, not because they’re impossible, but because as soon as they do it a company will put a stop to it.
it’s like cracking a Xbox or something. the very next patch will render the method obsolete and nonviable. when i heard this workaround was coming for Android, my immediate reaction was how long it would last before Apple just changed something so that it doesn’t work.
My bum has a crack, can they fix that?
Back it up on my hard drive and I’ll close your gaping security hole with my hotfix, sweetheart.
Their hope was that they got close enough to an actual Apple device that breaking it would break Apple devices. It turns out they weren’t close enough, but they could be with a few improvements.
Probably had to be extra careful to test. MDM software software might get glitched out.
I’m really curious about how it was detected, how it was different from Apple devices. If nothing else I’m looking forward to reading about how that all worked.
It is usually easy to detect a specific client. Like even if you ignore the keys there are dozens of little details like the TLS fingerprint of whatever library they use not matching iOS. Things that are easy to miss and sometimes hard to bypass. Then there are heuristics on how it is used is likely unique.
From what I understand, their guess is that Apple is now checking if the device also has support for other services, such as FaceTime. Beeper Mini and pypush don’t pretend to support FaceTime, so it breaks.