> Giving my Apple ID to a third-party seems insane
That's fair. You'd be happy to learn that literally no one is forcing you to hand over your Apple ID to Beeper. Your approach is very good for your account safety, but you don't need to keep other people safe from themselves.
Do you have similar concerns when people use non-Google-approved email clients to use Gmail, or alternative YouTube clients, or Signal/Telegram forks?
Perhaps you think HN should ban alternative clients or weird web browsers too. Too bad a lot of people think interoperating clients are important or we would be left with the Web Integrity crap to "keep us safe".
> Do you have similar concerns when people use non-Google-approved email clients to use Gmail.
If they ask for credentials, absolutely. Google has both an OAuth flow and the ability to generate app-specific passwords (which correctly have very limited abilities) so I never have to pass over the real creds.
I have never given my Gmail credentials to Apple, but I get my mail just fine.
Google requires you to register an application and get it approved to log in with OAuth, you can't just use it with arbitrary callback URLs. Why should I need to ask Google permission to use my own data, or ask for Google's permission to allow other apps to use my data?
If the Beeper service is totally fine, and you mind their auth methodology, perhaps you should complain about Apple not providing better iMessage auth options.
Instead, you complain about users being able to give their own data to an app they chose to install.
> Google requires you to register an application and get it approved to log in with OAuth, you can't just use it with arbitrary callback URLs. Why should I need to ask Google permission to use my own data, or ask for Google's permission to allow other apps to use my data?
That's fair. You'd be happy to learn that literally no one is forcing you to hand over your Apple ID to Beeper. Your approach is very good for your account safety, but you don't need to keep other people safe from themselves.
Do you have similar concerns when people use non-Google-approved email clients to use Gmail, or alternative YouTube clients, or Signal/Telegram forks?
Perhaps you think HN should ban alternative clients or weird web browsers too. Too bad a lot of people think interoperating clients are important or we would be left with the Web Integrity crap to "keep us safe".