Privacy WIN! Apple & Android Unite for Secure Messaging
-
This post did not contain any content.
They treat this as if e2ee was the privacy grail but it's only marketing to fool people believing they're protected.
The actual contents of the messages aren't as important for privacy. It's the Metadata and a ton of other measures rhay signal implements in their family of protocols.
Talking about e2ee and call it private shows ignorance in what privacy entails.
-
Google's default implementation IS proprietary, so while the spec isn't, the mass-adopted deployment is. Google is in the middle, unless you use a different app (if that's even possible, I don't know as I don't Android).
They do not allow that, but yeah, it’s just their OS which only allows access to the relevant system interface for their own app. Apple doesn’t let you send SMS with third-party apps either for example.
Though admittedly, Google is putting proprietary extensions on top of it in their client, and they are apparently running a lot of carriers’ RCS endpoints, and using their servers when the carrier doesn’t support it at all. Which is fair, but imo does not make RCS itself inherently proprietary.
(However this is also to some extent warranted, since carriers were and still are dragging their feet a lot implementing it despite RCS being a required part of 5G carrier services IIRC^1^. This seems to me like another IPv6 situation.)
This claims to work on a rooted Android phone (or one where you have control over the system image), and the underlying library is platform-independent so you could use it to implement RCS for a Linux or other phone: https://github.com/Hirohumi/RustyRcs. I haven’t tested it though since I also don’t Android (anymore).
^1^ Though maybe that was just for 5G standalone, which no carrier is doing yet anyway.
-
I can sort of see why it’s not been a priority for them. Outside of the US nobody uses SMS or the built in text apps. I just went through my phone and I haven’t had a text message that wasn’t business related since July.
I had some! It's the rescue services warning you that the ice is starting to break and you shouldn't walk on it.
-
This post did not contain any content.
They probably have a separare copy encrypted by keys under their control, but if verification codes text messages also use RCS Encryption, at least its harder for people to hack bank accounts.
-
They treat this as if e2ee was the privacy grail but it's only marketing to fool people believing they're protected.
The actual contents of the messages aren't as important for privacy. It's the Metadata and a ton of other measures rhay signal implements in their family of protocols.
Talking about e2ee and call it private shows ignorance in what privacy entails.
Good enough to protect against your bank verification codes from being intercepted, asa long as the bank also uses RCS's Encryption to send the message
-
It was honestly surprising to learn that SMS/RCS/iMessage is the most common way to send messages in the US, as it hasn’t been that way in the UK for over a decade now.
For better or worse, folks in the UK & EU all switched to apps like WhatsApp, Messenger, Viber, etc. due to better features and free international calls.
It seems like where I live, RCS is not supported on all carriers (not on mine) - but most importantly, not on all phones. The one carrier that has it says it only works on certain Samsungs (I guess also Google Pixel, but they are not officially sold, even if not unpopular). So even though they're not paid separately like SMS, I don't think anyone would be switching to it from Whatsapp or Telegram.
-
I can sort of see why it’s not been a priority for them. Outside of the US nobody uses SMS or the built in text apps. I just went through my phone and I haven’t had a text message that wasn’t business related since July.
I use QKSMS regularly and I'm not in the US
-
This post did not contain any content.
We had this in XMPP a decade ago & they could have readopted the open standard instead of creating a new one. There is no track record of them not bending the rules to benefit just them anyhow—but this time it was developed exclusively by the tech giants which is absolutely for their benefit with nestled enclaves to meet the bare minimum requirements while still building the garden’s walls higher. Cabal-ass behavior.
-
This post did not contain any content.
Of course you can't use it without being part of a huge tech duopoly so yay and it doesn't work without googles proprietary messaging app.
-
They treat this as if e2ee was the privacy grail but it's only marketing to fool people believing they're protected.
The actual contents of the messages aren't as important for privacy. It's the Metadata and a ton of other measures rhay signal implements in their family of protocols.
Talking about e2ee and call it private shows ignorance in what privacy entails.
Exactly and if you have to use stock android or iOS to get this feature you are agreeing to so much intrusions into privacy that it's sort of moot.
-
This post did not contain any content.
Despite SMS not being secure I'm determined to stop using WhatsApp and haven't installed it on my new phone. My old phone has WhatsApp business with an auto reply saying to contact me on signal or send a text. Granted I don't have a huge contacts list but 4 people have started using Signal and the rest send a text, so this is good news in my book.
-
This post did not contain any content.
Remind me again when there is a FOSS application for RCS messaging
-
We had this in XMPP a decade ago & they could have readopted the open standard instead of creating a new one. There is no track record of them not bending the rules to benefit just them anyhow—but this time it was developed exclusively by the tech giants which is absolutely for their benefit with nestled enclaves to meet the bare minimum requirements while still building the garden’s walls higher. Cabal-ass behavior.
XMPP is very much a valid option nowadays too! Much easier and lighter to host than Matrix, too. I use it with my mom - Conversations is just as easy to use as Whatsapp, and maybe more pleasant.
-
Good enough to protect against your bank verification codes from being intercepted, asa long as the bank also uses RCS's Encryption to send the message
I assumed that when it comes to SMS 2FA, simswapping is a threat much bigger than interception of the contents...
-
Remind me again when there is a FOSS application for RCS messaging
-
This post did not contain any content.
That's not a privacy win for anyone. What this is is a marketing win for Crapple and Google.
-
XMPP is very much a valid option nowadays too! Much easier and lighter to host than Matrix, too. I use it with my mom - Conversations is just as easy to use as Whatsapp, and maybe more pleasant.
Cheogram has a better featureset on Android in my experience. Movim has quite a lot of features & good performance for a web app—which covers the folks that “don’t want to install any new apps” (generally the right skepticism, but really most F-Droid ones are safer with less worry), or platforms without good clients. The biggest pushback I have heard was bad iOS clients—but being a self-hostable service with almost exclusively free software clients, it should be of no surprise any iOS dev is lackluster, being an entirely closed platform, anti-GPL, & with a hefty fee just to list an application.
-
System shared this topic on
