
“Apple took away Messages.app UI scripting capabilities in OS X 10.11” - ivank
https://github.com/CamHenlin/imessageclient
======
sjwright
I love open source and open protocols as much as anyone on HN, but honestly,
secretly, I love the tied-down nature of iMessage because that keeps it
(mostly) free from spam and abuse.

If you want something more open, that exists too, which is great. It doesn't
make sense to complain that iMessage isn't what you want it to be. Choice
means that open _and_ closed solutions exist in the market.

~~~
BeefySwain
Choice means interoperability, not picking between walled gardens.

~~~
sjwright
Choice means choice, not interoperability. Choice means I get to _choose a
walled garden_ or an open protocol.

~~~
TeMPOraL
Except in quite a lot of cases - like communication tools or social media
platforms - you _didn 't choose anything_. Your friends did, as an aggregate -
as individuals they didn't chose anything either.

Somehow people recognize that illusion of choice when talking about Facebook,
but fail to recognize it here? Weird.

~~~
bendiksolheim
Facebook is quite different from this case. If you friends use Facebook to
communicate, you need to as well. There is, as far as I know, no alternative.
But if your friends use iMessage to communicate, you can easily communicate
with them through SMS. Just turn off iMessage, and Apple will recognize this
and fallback to SMS. You are not forced to use iMessage just because your
friends does.

~~~
nmcfarl
You wish Apple would recognize this. But in fact my sister did this, and
filled out their web form and did everything else they suggest. And Apple
still does not recognize it. (On the inbound side. )

She can text me, but when I or anybody else On an iPhone try to text her it
goes to iMessage and she never receives it.

Yes this is "just a bug", but it also seriously promotes lock-in. It's a very
strategic bug, and if she hadn't bought a new phone she would probably be back
on iMessage.

iMessage is not always a choice, sometimes it's for life whether you wanted it
to be or not.

------
freewizard
I don't think it actually helps with spam issue, at least not in China.

Almost every iMessage user who activated with a Chinese mobile number has been
receiving 3~10 spam iMessages everyday about online gambling and etc since
~2012 when iMessage service went live in China. The content for those messages
have been pretty much the same with some minor variant on wording.

With the scale of the spam, I believe it's likely not sent thru UI scripting,
but the iMessage protocol might have been well reverse-engineered and
exploited by spammers. So disabling UI scripting won't help anything but cause
trouble for developers with legit usage.

~~~
creshal
At Chinese wage levels you might just set up a sweat shop and have people send
messages by hand. It worked to break captchas, too.

~~~
LoSboccacc
precisely:
[http://i.huffpost.com/gen/2575582/thumbs/o-WET-570.jpg?7](http://i.huffpost.com/gen/2575582/thumbs/o-WET-570.jpg?7)

~~~
cm3
Hadn't seen that before. But there's one disadvantage with breaking captchas:
have you been challenged recently with Google captchas? They take much, much
longer to solve and oftentimes you don't even pass. This is with their image
neural net training captcha. It constantly asks you to select more than the
visible and inserts new images until it's satisfied. What I'm saying is that
any site that uses Google's captcha system before posting a comment or
something similar takes up much more of my time than it did before. I'm not
sure if this is strictly needed, seeing many sites that manage with simple
captchas. My impression is that Google turned their captcha system into a
mechanical turk for letting the masses work for them and train their image
neural net.

~~~
jrockway
I haven't gotten anything except that "I am not a robot" captcha.

Generally I am not that upset if a business uses a captcha; I'm willing to
meet in the middle. I as the customer am the one paying for fraud, do you
think the CEO just takes fraud as a deduction out of their paycheck?

~~~
cm3
The general idea of a captcha is valid and sound, but it's a problem if
captchas turn into crowdsourced labor for Google's neural net. First it was
reading house numbers, which was easy and not that time intensive, thus
acceptable, but the new captchas are a time sink and hard to accept.

~~~
jrockway
It takes time to solve a captcha regardless of whether or not it's going to
/dev/null or into some neural network.

(My second paragraph was actually directed at a reply to your comment.)

~~~
cm3
> It takes time to solve a captcha regardless of whether or not it's going to
> /dev/null or into some neural network.

Yes, and if Google's captcha didn't get much harder, I wouldn't mention it. At
least they stopped showing impossible to read random words. They had one
variant which I never once passed and had to reload until I got something with
distinctive letters.

~~~
creshal
It's definitely getting worse. Last week I had to give up on trying to file a
warranty claim for a WD hdd, because their warranty portal stuck me in a
"select all images showing X" captcha loop for 45 minutes.

------
aktau
They didn't remove all OSAScript (AppleScript) functionality apparently. This
tiny thing still works:
[https://gist.github.com/aktau/8958054](https://gist.github.com/aktau/8958054).

Perhaps the OP really is talking about the Messages.app UI, but the screenshot
on github imply that this is some sort of alternate UI (curses-based). Perhaps
I'm misundestanding.

~~~
c17r
There is no API for Message; this github repo was scraping/scripting the
Message.app GUI to create a Message command line client. OSX has removed the
ability to scrape/script Messages.app GUI, so the github repo is dead in the
water.

~~~
pvg
There is a scripting API and most of it still works. For instance you can do

    
    
        tell application "Messages" to send "This is an SMS" to buddy "+14155555555" of service "SMS"

~~~
amatix
I use Gammu to forward received SMS messages from a USB 3G modem to iMessage
(which then appears on all my devices) --
[https://gist.github.com/rcoup/93460ea39b05e957e884](https://gist.github.com/rcoup/93460ea39b05e957e884)

Unless it's been disabled with 10.11.5 it's still working :)

------
camhenlin
Funny to see someone besides me post a link to one of my git repos :) What
I've done to get around of some of these issues is run an OS X 10.10 VMware
image to handle running iMessage-related code. This gets less UI interference
since it is fairly AppleScript heavy. Another poster pointed out that
disabling some of OS X's security features seems to make this work as well,
but I didn't really feel comfortable recommending that anywhere. I just want
to easily and programmatically send and receive iMessages!

~~~
pvg
It's not clear from the note on the git repo, what got removed and what
functionality got disabled?

~~~
camhenlin
UI Scripting capabilities were quietly blocked from being used with
Messages.app in OS X 10.11

~~~
nier
I don't understand. In Yosemite you don't need any UI Scripting. Have they
removed this from El Capitan as well? What happened to:

    
    
       tell application "Messages"
          set iMessageService to (first service whose service type is iMessage)
          send "Hello World" to buddy "0123456789" of iMessageService
       end tell

~~~
camhenlin
No, that will no longer work in OS X 10.11 without disabling OS X's system
integrity protection

~~~
jsjohnst
I also just tried it on 10.11.5 w/o SIP disabled and it works for me too.

~~~
camhenlin
Cool, didn't realize that, thanks for checking. However this method doesn't
appear to work for group chats as far as I can tell, only one-on-one messages

------
NEDM64
Normal.

There were people selling apps that bought iMessage to other platforms, by
using VMs in servers running the desktop App and using the scripting
functionality.

~~~
andybak
This gets to the heart of why Apple probably did it and why it's significant.

It was a nasty hack for interoperability but it worked and is probably the
only thing that would work. It also indicates how much Apple cares about
squashing interoperability for iMessage. Whether you feel this is because it
presents a security risk or a business risk is down to the cut of your tin
foil hat.

~~~
TazeTSchnitzel
Well, Apple originally planned to make FaceTime (and thus presumably also
iMessage) an open standard. Patent trolling put an end to that.

~~~
mcmatterson
I always wondered about where that promise went. Do you have a source for your
statement?

------
comex
It should be pretty easy to work around this, either by hacking around (e.g.
with a debugger) whatever call was used to disable UI scripting, or by using
the interface between Messages.app and the IMCore framework, which is a
relatively high-level Objective-C API. On the other hand, for the record,
reimplementing an iMessage client from scratch would be difficult due to DRM:
while the protocol is generally sane, it includes an authentication layer
based on FairPlay, involving heavily obfuscated code. Some information here,
though I'm not sure if it's up to date:

[http://imfreedom.org/wiki/IMessage](http://imfreedom.org/wiki/IMessage)

~~~
PhantomGremlin
_by hacking around (e.g. with a debugger)_

In 10.11 Apple added System Integrity Protection[1][2], so it might not be as
simple as it once was to hack preinstalled apps. From wiki:

 _Most preinstalled Apple applications in /Applications are protected as well.
The kernel stops all processes without specific privileges from writing to
flagged files and folders. It also prevents code injection, runtime attachment
(like debugging) and DTrace_

[1] [https://support.apple.com/en-us/HT204899](https://support.apple.com/en-
us/HT204899) [2]
[https://en.wikipedia.org/wiki/System_Integrity_Protection](https://en.wikipedia.org/wiki/System_Integrity_Protection)

~~~
comex
SIP can be disabled by the user by design, but yes, it would require doing so.

------
kethinov
I also built a Messages.app companion app that 10.11 largely broke:
[https://github.com/kethinov/BubblePainter](https://github.com/kethinov/BubblePainter)

Still technically works if you disable SIP, but that's a big ask just to be
able to use my little toy app.

------
sgt
I've got a Mac at home which I use for my own personal iMessage bot to do
certain tasks in my house. I specifically left this Mac at Mountain Lion,
since I sort of anticipated problems further down the line with the newer
versions of OS X. I can probably safely upgrade to 10.10 but it was finicky
enough to set up the AppleScript to work with my scripts.

------
ComputerGuru
I just bought a jailbroken iPhone which I'll upgrade to a newer release
supporting SMS handoff, etc; then use for running a message server so that I
can send and receive synchronized messages on my Windows development PC the
same way I can on my Mac.

------
HappyTypist
I don't think this change was to intentionally block this repo. In OS X 10.11,
more system apps including Messages.app has been white listed for SIP
protection. Everything works if you disable SIP protection.

It is understandable that Apple doesn't want malware to easily read people's
messages.

------
mkhpalm
Why is everybody fighting so hard to use iMessage? I just tell people I can't
use it since Apple doesn't provide a solution for everybody. I thought that
was the normal response. Why are people losing sleep over this?

------
INTPenis
It's still possible to script with tools like Sikuli for example.

Edit: I mean for the purposes of spam, not for the purposes of making an app
like the one OP linked to.

------
draw_down
That app is such a hunk of junk, on every platform. It's disgraceful.

~~~
fredoliveira
I'll bite. What's wrong with it on iOS?

------
beedogs
Nothing new: Apple loves removing functionality from their products.

