Assuming that it’s actually reverse engineered, this is great news. If not, there’s a massive lawsuit brewing.

Seems like Beeper will see the cleartext of the replies, though, since they send the notifications via BPNs, right?

[edit: thanks for the replies. I see now the footnote on their BPNs diagram: “Push notification does not contain message contents” so it seems like the answer is “no they will not”]

It still needs Apple’s servers, which tells me they will try and find a way to shut it down. Now that Apple is going to implement RCS, I care a lot less about this.

Before anyone tries, Beeper mini on the play store won’t function without official Google play services. I emailed support to ask if there was another way I could pay for the subscription, succinctly, “no plans for that”.

Bummer.

In exchange for security loss, is it really worth it?

Edit: the downvotes are very expected. You people need to lean about why this is important

https://www.androidauthority.com/beeper-app-opinion-3345142/

First, the elephant in the room needs to be addressed: security. In Beeper’s start-up guide, the first thing you see is a huge alert box: “Beeper may be less secure than using encrypted chat apps by themselves.” Fundamentally, there’s no way to fix this. To use any of the chat apps, you need to link Beeper to that service using your credentials, which is inherently more insecure than logging into the app directly. Beeper is quick to defend itself by pointing out its robust privacy policy, its ethical business practices with a user-centered focus, and its use of end-to-end encryption (E2EE). However, that doesn’t protect your credentials from hackers that could gain access to Beeper and send your grandma a message through WhatsApp pretending to be you and asking to wire $1,000 to an account in China.

More in depth: https://www.reddit.com/r/beeper/comments/13hhx9e/transient_key_retention_a_suggestion_to_solve/?rdt=61709