This has been a huge week for iMessage—in a very strange way; has this latest news finally given Apple’s iPhone users a reason to quit the green-bubbles/blue-bubbles and head elsewhere…
Apple’s blue/green-bubbled messaging platform is back in the spotlight this week, with two separate news stories, both of which materially impact iMessage while totally ignoring it. Neat trick.
First, WhatsApp added to the media furore around its imminent third-party chats with a warning that it can’t extend its full security promise to include this new hub feature, that without control of the clients or endpoints at each side of a chat, it can’t be sure content is fully secure.
How does this impact iMessage? Well, iMessage has the same ruthless focus on security as WhatsApp—just look at its post-quantum crypto update last month. But if WhatsApp cannot assure messages outside its walled garden where transmission is end-to-end encrypted if not the endpoints, then it’s a stark reminder as to just how insecure iMessage is once users message outside the Apple bubble, because here not even transmission is fully encrypted, never mind those endpoints.
There was a fix for this late last year, kind of. Beeper Mini—remember that—turned up to fudge a bridge between iMessage and Android, suddenly end-to-end encrypted blue bubbles appeared on Samsungs. But Apple shut it down for lots of Apple-like reasons and it was soon no more.
Which brings us to the second piece of news this week—Beeper is back, kind of. “It’s the day all you Beeper Android fans have been waiting for,” the developer announced in an email. “Our new app is ready for you to try out!” It’s a complete, bottom-up rewrite they assured, “fast, clean and beautiful.”
Beeper made its name with its iMessage bridge. But this time it’s different—you’ve guessed it, no iMessage. As Android Police explained, “the days of trying to make iMessage on Android work are in the rearview mirror, and frankly, I think users are better off thinking of Beeper as a unified inbox for everything outside of the world of blue bubbles.”
That means Signal, WhatsApp, Telegram and Google Messages (RCS-enabled) all in once place, along with a bunch of other options. Ironically this makes Beeper more the kind of hub users might have expected from DMA’s mandated changes than the watered down offering they’ll actually get. It’s still unclear who’ll play in WhatsApp’s hub, but it’s unlikely to be the likes of Signal or Telegram or Google Messages. If you want to check one place for everything—this is it, kind of.
But no iMessage—and unless Apple does an Apple-like u-turn (think CSAM scanning or RCS), or regulators decide to flex their muscles, that’s unlikely to change. But RCS is coming soon. Raw and not end-to-end encrypted, but if you like one-tap responses, IP media sharing and typing indicators, you’ll be in luck come the fall and the burgeoning promises of iOS 18.
But if you want fully secured iPhone to Android messaging, then not so much.
Right now the only way to message iPhone to Android with the inbuilt platforms is to revert to SMS, a 1990s technology that has more holes than its old message character limit. RCS is a step up, but not enough of a step up. It’s like reverting to Google Messages before it shifted to default encryption and joined the top-tier Signal, WhatsApp and—yes—iMessage club. Even Facebook Messenger has now (finally) shifted to full encryption by default, which shows just how poor the alternative must be.
And so, continue using iMessage for your Apple friends and family—which means everyone in a group needs to be blue-bubbled. In the US, that might mean everyone you know—but not so much further afield. For those of us not in the US, the answer is an over-the-top platform. The best of the bunch being Signal and WhatsApp—with the latter now on pretty much every phone on every network, including—increasingly—in the US, where it has been downloaded hundreds if not thousands of times even since you started reading this article.
Don’t stop using iMessage, but do stop sending SMS texts from iMessage. Which means stop using iMessage outside Apple’s walled garden. And probably don’t use RCS either when it comes, not unless and until it finds a way to deliver cross-platform end-to-end encryption with Google. It’s a backward step from full encryption, as WhatsApp’s warning should have made abundantly clear.
The benefits in taking this approach are plentiful. You can securely message anyone, anywhere. You can use fully encrypted voice and video calls, cross-platform, with just a click. And—with Signal for now and WhatsApp soon—you can even hide your phone number and rely on a user name instead.
SMS is a terrible technology—you should avoid it at all costs. You have options and I recommend you take them. iMessage is an outstanding platform, with one of the best security architectures, including fully encrypted archives and backups with iCloud’s Advanced Data Protection. But when it comes to cross-platform messaging, it’s a totally different story. And it’s not about to change. Unfortunately…