If there’s one thing to be learned from Apple’s mobile services, it’s that they’ll almost certainly never be supported on rival platforms. However, that doesn’t stop third-party developers from engineering their own techniques in order to break into Apple’s walled garden. A case in point: Android developer Daniel Zweigart, who recently launched a Google Play app called iMessage Chat, providing users of Google’s mobile OS with a way to communicate with iOS and Mac OS device owners via Apple’s proprietary messaging protocol. Some have reported problems getting the app to run, while others claim it works as advertised — and Zweigart has even gone to the trouble of emulating Apple’s old iOS 6 user interface to make them feel right at home. You might think that it sounds too good to be true, and you could be right.
In order to deliver the features it claims, iMessage Chat, of course, requires a working Apple ID. Your Apple ID not only stores your personal information and payment data, it also serves as a passport for your devices and Apple’s online services. It just takes one successful login by a third-party app for that data to be potentially sent to places unknown. While the developer suggests there are “no hidden costs and no ads in the application,” he doesn’t provide any guarantee for the safety of your Apple ID. by engadget
iMessage Chat has since come to the attention of numerous third-party Apple developers, most notably Jay Freeman, a.k.a Saurik, who took apart the app to identify how it was made possible. According to Freeman, the app connects with Apple directly, but all data is first processed “on the developer’s server in China.” Adam Bell took that one step further and identified that the app was able to spoof iMessage requests by masquerading as a Mac Mini, while Steven Stroughton-Smith noted that it would be able to download code without the user knowing.
Because iMessage Chat relies on very specific techniques to achieve its goal, it also makes it particularly vulnerable to changes made by Apple. To that end, the company may choose to block such requests from dedicated server addresses or attempt to filter messages that contain spoofed data. Apple may also choose to file a request with Google and have the app pulled from the Play Store. In other words, not only is the Google iMessage app risky — it may also be defunct pretty soon.
Update: Poof! The app has vanished from Google Play, so if you haven’t already downloaded it, you’re likely out of luck. by engadget