Comment by madeofpalk
2 years ago
I struggle to believe that a third party iMessage iOS app would be a security improvement, beyond Lockdown Mode https://support.apple.com/en-us/105120.
Either a third party app would still use the same vulnerable frameworks as iMessage, or they would re-implement them potentially with more vulnerabilities, or just not implement the features, which is what Lockdown Mode gives you.
One could argue the same about alternatives to Safari, and yet Chrome has proven to be more secure than Safari (based on Pwn2Own results).
I would not argue that about web browsers, because there’s plenty others out there. I don’t think Google would make a iMessage client for iOS.
But others probably would. Maybe the user-experience on the security focused clients will be degraded (missing features or disabled features for the sake of privacy and security, lower performance due to some other security features), but you'd still have this kind of niche clients.
Browsers are not the only thing concerned here, there are many sectors impacted by this philosophy. Qubes-OS for Linux Distributions, replacing containers (and especially Docker) with daemon-less or even MicroVM (Firecracker, Podman, ...). I'm sure there are also heavily sandboxed clients for Matrix, SMS or Emails.