So it appears for now that using RCS to send messages between iPhones and Android is not encrypted. That also means that if any iMessage group has even one Android member in it, the group's conversation can potentially be read.
The same is true for an Android owner. If just one iPhone user is part of the Google Messages conversation then the entire group may be compromised.
This is the number one reason that Apple should be aggressively involved in closing up their end of RCS. It makes everyone's messaging vulnerable as long as they don't, even those messages between iPhone owners that can't be sent with iMessage for varying reasons.
The same can be said for people using Android phones that don’t support RCS. Google should be aggressively encouraging them to update to modern OS, it makes everyone’s messaging vulnerable as long as they aren’t.
Of course, iMessages have been encrypted from the start, so even if I send a iMessage to a person using an iPhone 4 it will be encrypted.
Recent data shows the percentage of Android users already actively using RCS messaging is estimated to be around 70-80% in regions with widespread carrier support. With Samsung now committed to using Google Messages with E2EE as well, those numbers will be going even higher. If someone has a fairly recent Android device, RCS is enabled by default.
Based on my contacts alone that seems reasonable. I’d say about 20% of my Android contacts don’t support RCS. Google clearly still has work to do there. On the other hand, 100% of my iPhone contacts support iMessage.
It's doubtful that 100% of your contacts support iMessage.
As long as every message is from a fellow iPhone owner and remains within iMessage, yup 100% support it. That's one of the things I like about my iPhone. But things are never constant, and like with iMessage, 100% of my Android contacts have RCS support with Google Messages, though there are some who choose to use other messaging apps instead, same as some iPhone owners who by choice don't use iMessage.
But I think you're missing the point entirely, just ignoring it.
If every person you want to contact has only an iPhone then iMessage is all you need. I have both Android and iPhone owning friends, and I'd wager you do too. The only reason my conversations between all of us can't be private and secure is primarily Apple's fault. Were it not for lack of encryption we'd be good. Google Messages is not lacking in privacy, security and for the most part, features.
None of the Android phone owners you know will ever have iMessage, Apple won't allow it, so that's not an option for a huge percentage of smartphone users. But as soon as Apple catches up we can all communicate securely anyway, iMessage or not.
if there’s still a reasonably large chance that sending a message to an Android user won’t be able to use RCS then why should Apple rush to offer it? Apple knows that all messages sent using iMessage are encrypted, as do many iMessage users, and all messages sent to an Android user are not encrypted. If they enable encrypted RCS now there’s still not much of a guarantee that the message will be able to be sent encrypted. That’s adding potential confusion to the process. Once Android gets to something much closer to 100% coverage than the current possibly 70% coverage then I’d expect Apple to offer it. Right now, not so much. (I mean, obviously)
What happens now if you try to send an iMessage to a WhatsApp user?
RCS is available to any Android smartphone released in the last ten years. The default Messages setting for RCS is E2EE, end-to-end encrypted. It does not need to be enabled. I don't know how Google could do more than that. Some people will simply choose to use a messaging app other than Google Message and iMessage.
Obviously, the discussion would be over those two services, and not third-party apps, prevalent in much of the world outside the US (ie WhatsApp, Signal, etc). We can't prevent user choice, but we can ensure that communications between users of the two first-party apps can happen privately and securely cross-platform. Just waiting for Apple to get on board.
What happens now if you try to send an iMessage to a WhatsApp user?
RCS is available to any Android smartphone released in the last ten years. The default Messages setting for RCS is E2EE, end-to-end encrypted. It does not need to be enabled. I don't know how Google could do more than that. Some people will simply choose to use a messaging app other than Google Message and iMessage.
Obviously, the discussion would be over those two services, and not third-party apps, prevalent in much of the world outside the US (ie WhatsApp, Signal, etc). We can't prevent user choice, but we can ensure that communications between users of the two first-party apps can happen privately and securely cross-platform. Just waiting for Apple to get on board.
Re: iMessage to a WhatsApp user
Can you even do that? Even if that’s possible (I thought WhatsApp was a closed-loop messaging app), why would I ever want to talk to someone dumb enough to share his messages with Zuckerberg?
Re: RCS is available blah blah
“Available” ≠ “in use.” So that’s a big hole in your argument … but not the only one.
Re: I don’t know how Google could do more than that.
I do — mandate that all messaging apps that DON’T use E2EE by default are barred from the Play Store.
Sometimes when we have a rational and informative discussion going on, it can suddenly take a hard right into the troll lands where it comes to an end.
The noon news had a story about this. They explained what was happening and the reason for the FBI's concern. Then they went on to say for the utmost security and encryption use Google Messages on Android or iMessage on an iPhone.
Oh, and they added one other warning: The worst danger comes when iPhone owners and Android users text each other, and there would be no protection from Chinese (or other government) eavesdropping, even tho alone the two apps are E2EE. Some folks probably do not understand that.
This needs to be fixed sooner rather than later by Apple encrypting RCS with the MLS protocol which is already in place on Android. Back to the "first": I don't ever recall Fox promoting the security of Google Messages before today. Kudos.
The noon news had a story about this. They explained what was happening and the reason for the FBI's concern. Then they went on to say for the utmost security and encryption use Google Messages on Android or iMessage on an iPhone.
Oh, and they added one other warning: The worst danger comes when iPhone owners and Android users text each other, and there would be no protection from Chinese (or other government) eavesdropping, even tho alone the two apps are E2EE. Some folks probably do not understand that.
This needs to be fixed sooner rather than later by Apple encrypting RCS with the MLS protocol which is already in place on Android. Back to the "first": I don't ever recall Fox promoting the security of Google Messages before today. Kudos.
Once again, you are over simplifying what Apple needs to do to have RCS with cross platform E2EE.
For one, RCS do not belong to Apple. It doesn't even belong to Google. RCS belongs to the telecoms (GSMA) and any changes to it has to go through the GSMA. Just because Google is now using MLS protocol for encryption, it doesn't mean that all Apple have to do is add E2EE to RCS in iOS.
It is not Apple responsibility to develop their own encryption for the telecoms standard version of RCS, that they adopted for iOS. The telecoms has to come up with the cross platform E2EE for RCS.
Google did not adopt the MLS encryption protocol so that Apple can easily adapt their iOS version of RCS with E2EE into Google version, without any significant loss of security. Google adopted the MLS protocol so that when the telecoms finally implement E2E in the standard version of RCS, the telecoms that wants to use Google Jibe servers to host their RCS messaging, can easily do so. But those that don't want to host their RCS on Google Jibe servers could do so, without losing E2EE on RCS messages between other carriers.
Not all carriers are hosting their RCS messaging on Google Jibe servers. When Apple finally implement E2EE with RCS, they want to ensure that when using iMessage to send a RCS E2EE message, that message is E2EE no matter the carrier, not just E2EE when using carriers that are hosting their RCS messaging on Google Jibe servers. This will be solve when the telecoms agreed on a standard version of RCS with E2EE. Not when Apple add their own E2EE to RCS, on iOS.
The noon news had a story about this. They explained what was happening and the reason for the FBI's concern. Then they went on to say for the utmost security and encryption use Google Messages on Android or iMessage on an iPhone.
Oh, and they added one other warning: The worst danger comes when iPhone owners and Android users text each other, and there would be no protection from Chinese (or other government) eavesdropping, even tho alone the two apps are E2EE. Some folks probably do not understand that.
This needs to be fixed sooner rather than later by Apple encrypting RCS with the MLS protocol which is already in place on Android. Back to the "first": I don't ever recall Fox promoting the security of Google Messages before today. Kudos.
Once again, you are over simplifying what Apple needs to do to have RCS with cross platform E2EE.
For one, RCS do not belong to Apple. It doesn't even belong to Google. RCS belongs to the telecoms (GSMA) and any changes to it has to go through the GSMA. Just because Google is now using MLS protocol for encryption, it doesn't mean that all Apple have to do is add E2EE to RCS in iOS.
It is not Apple responsibility to develop their own encryption for the telecoms standard version of RCS, that they adopted for iOS. The telecoms has to come up with the cross platform E2EE for RCS.
Google did not adopt the MLS encryption protocol so that Apple can easily adapt their iOS version of RCS with E2EE into Google version, without any significant loss of security. Google adopted the MLS protocol so that when the telecoms finally implement E2E in the standard version of RCS, the telecoms that wants to use Google Jibe servers to host their RCS messaging, can easily do so. But those that don't want to host their RCS on Google Jibe servers could do so, without losing E2EE on RCS messages between other carriers.
And that's what MLS encryption will do. It frees RCS encryption from requiring Google to make it work. That's why MLS will be the adopted GSMA standard, and already supported within Android by Google who is assisting the GSMA with integration. Googles current version for Google Messages is using the Signal protocol. You are apparently not aware of that.
Your Forbes link (typical low-value click-bait article) , "Google's RCS Nightmare", refers to the current UNENCRYPTED version of the GSMA's RCS. It's reporting the exact same story you're reading here at AI, but click-baiting by adding Google to the headline. That's not Google's version. Neither carriers nor hackers can access the E2EE RCS.
So it is no Google nightmare. It's exactly what Google said it would be, better but not perfectly secure, if Apple resisted their assistance to integrate an encrypted version as they have. And that would not require Google servers or Google code. It will be using the open-source MLS protocol, blocking Apple, Google, carriers, or anyone else from eavesdropping.
You should try to understand what you're reading before commenting.
Comments
RCS is available to any Android smartphone released in the last ten years. The default Messages setting for RCS is E2EE, end-to-end encrypted. It does not need to be enabled. I don't know how Google could do more than that. Some people will simply choose to use a messaging app other than Google Message and iMessage.
Obviously, the discussion would be over those two services, and not third-party apps, prevalent in much of the world outside the US (ie WhatsApp, Signal, etc). We can't prevent user choice, but we can ensure that communications between users of the two first-party apps can happen privately and securely cross-platform. Just waiting for Apple to get on board.
The noon news had a story about this. They explained what was happening and the reason for the FBI's concern. Then they went on to say for the utmost security and encryption use Google Messages on Android or iMessage on an iPhone.
Oh, and they added one other warning: The worst danger comes when iPhone owners and Android users text each other, and there would be no protection from Chinese (or other government) eavesdropping, even tho alone the two apps are E2EE. Some folks probably do not understand that.
This needs to be fixed sooner rather than later by Apple encrypting RCS with the MLS protocol which is already in place on Android.
Back to the "first": I don't ever recall Fox promoting the security of Google Messages before today. Kudos.
Your Forbes link (typical low-value click-bait article) , "Google's RCS Nightmare", refers to the current UNENCRYPTED version of the GSMA's RCS. It's reporting the exact same story you're reading here at AI, but click-baiting by adding Google to the headline. That's not Google's version. Neither carriers nor hackers can access the E2EE RCS.
So it is no Google nightmare. It's exactly what Google said it would be, better but not perfectly secure, if Apple resisted their assistance to integrate an encrypted version as they have. And that would not require Google servers or Google code. It will be using the open-source MLS protocol, blocking Apple, Google, carriers, or anyone else from eavesdropping.
You should try to understand what you're reading before commenting.