This was expensive. At one point, Beeper was running the beta version of its app on more than 700 Mac mini servers. It was also not especially secure, nor private, Migicovsky continues, “because we had to have a physical Mac that acts as this relay point. We would much prefer to have everything running within the Beeper client app itself. But to do that, the Beeper client would have to learn how to talk to the iMessage protocol.”
In early August, Migicovsky received a message on Discord from the user JJTech0130. JJTech0130, whose name is James Gill, said he had just released a coding project called Pypush—a mashup of “Python,” a coding language, and “push notifications.” Gill claimed he had “reimplemented iMessage” and thought Migicovsky might be interested. Less than 10 minutes later, Migicovsky responded, “Holy crap! Does it work?”
“Yes it works,” Gill responded, adding a tongue-out emoji. Gill had been working on the Pypush project in between his high school robotics classes and part-time shifts at McDonald’s in Bethlehem, Pennsylvania. He’s 16 years old.
Earlier this year Gill had become intrigued by how Apple’s push notification service works, and how these bidirectional notifications might offer some clues into breaking open Messages.
First, he had to better understand how the Apple ID worked, so he reverse engineered how Apple Music operated on a Windows computer. He noted the traffic and how a non-Apple device registered with Apple servers. Next, he noted how a macOS computer signs into iMessage, then inspected that traffic. Then he reproduced it all in Python.
He began to put together a proof-of-concept that examined the various handoffs between the Apple ID, its push notification service, and its messaging technologies.
“In theory, iMessage uses public encryption keys, because that’s how end-to-end encryption works,” Gill says. (Gill is correct, in that asymmetric encryption or public-key cryptography relies on a public-private key pairing; one is used to encrypt a message, and the other to decrypt it.) “Pypush actually figures out how we can publish those keys to Apple’s key server and how you can retrieve keys from Apple’s key server,” Gill says.
“His proof of concept demonstrates that on any computer with Python, you can sign into iMessage and send and receive messages,” Migicovsky says. He was so impressed with Gill that he offered him a contract to work part-time at Beeper. Gill accepted, with parental approval.
