This assumes that all Beeper Mini users are spam, and that's a weird take.

More charitably, perhaps you are saying spam will increase over previous levels. From what I understand, Apple does not have any spam prevention technologies in Messages at all, neither for incoming iMessages, nor for SMS messages-- so the only thing keeping your iMessage conversations free of them is the obscurity of the protocol. Perhaps they should just add anti-spam tech like other texting clients have had for years.

When you get an iMessage from a new contact, there's a "report junk" option; I'm assuming Apple does some kind of spam detection with that (ie if a particular Apple ID gets enough reports, it gets blocked). I've never seen any public documentation of it though.

The same technology Beeper Mini uses to get onto iCloud can also be used by spammers, crooks, etc. to get onto iCloud. You either get both or none. Frankly, as a paying Apple customer, I want them to close this because I hate SPAM. Also, the obsession of iMessage seems very strange to me.

Nonsense. You still just receive SMS messages as normal, so any spam will be delivered to you regardless.

The solution to spam is to petition your government to crack down, or do server side filtering. Banning random phones is like playing whack a mole.

You are incredibly selfish. Neither of those are more than a mild inconvenience. On the other hand, loss of personal freedom and privacy are major issues with real world consequences.

Both of those are issues that can be solved server side if the company actually cared. They don't, and instead want to steal your freedom so they can push DRM.

iMessage already has a spam problem, even with attestation.

I know of no messaging platform using remote attestation for antispam - and, as far as those platforms continue to support web registration, they can't use remote attestation[0]. Even if they could, it wouldn't help. Remote attestation verifies that your client code is running without modification. What you care about with spam is keeping the spammers from registering large numbers of unrelated accounts, which doesn't require modifying the client at all.

I will give you that remote attestation does help anticheat. However, the current state of anticheat in games is so invasive now that you have to install special kernel drivers, and that kernel has to be on bare metal (no hypervisors allowed). This only happened because a specific genre of fast-twitch first person shooter has a lot of closet cheating going on. But it also gets blindly applied to things like rhythm games that absolutely do not need kernel-level anticheat[1]. So every game gets more invasive because of one hyper-competitive game genre triggering an anticheat arms race.

[0] Or at least, for as long as Web Environment Integrity stays dead

[1] Altering the client isn't even the most common way of cheating rhythm game records. For example, a good chunk of the rules for, say, Pump It Up's online leaderboards is "don't have other players play on your A.M.Pass" and "don't hook up a hand controller onto an online cab". Neither of which would be stopped by an anticheat system (and yes, PIU being an arcade rhythm game, there's shitton of encryption on it).

> as far as those platforms continue to support web registration, they can't use remote attestation

They can; Apple (and others) have implemented Private Access Tokens (PATs) for this.

https://blog.cloudflare.com/eliminating-captchas-on-iphones-...

Remote attestation does more than ensuring code is not modified. It definitely can be used to prevent spammers from registering a large number of accounts.

And no, web registrations as a must have is an extremely antiquated concept.