> Right now, when people on iOS and Android message each other, the service falls back to SMS — photos and videos are sent at a lower quality, messages are shortened, and importantly, conversations are not end-to-end encrypted like they are in iMessage.
They will still not be end-to-end encrypted in RCS. They will just be encrypted in transit, but your carrier (or whoever is running whatever server in an RCS architecture) can read all your messages.
There is talk that Google's got some kind of extension that adds E2EE to RCS but others will be well informed on it and can add to my message.
I'm blissfully happy with iMessage. For the non-Apple people, we've been using WhatsApp for nearly a decade.
But what does this do for OTP messages, etc? I'll have to check if Twilio automatically uses RCS if you send a message to a supported number. I do like the idea of all messages being encrypted in transit at least (SMS is not).
> There is talk that Google's got some kind of extension that adds E2EE to RCS but others will be well informed on it and can add to my message.
It’s not just talk, but it’s locked down. Google’s huge PR campaign backing RCS has been very impressive at getting people to conflate the two but basically they have an RCS extension implementing the Signal protocol which theoretically could be implemented by anyone but it depends on Google’s key exchange servers which are restricted to their own proprietary app – even third-party Android developers are blocked.
It’s a PR masterwork, really. They’re honest on the technical white paper:
> E2EE is implemented in the Messages client, so both clients in a conversation must use Messages, otherwise the conversation becomes unencrypted RCS. In rare situations where the conversation starts as E2EE, then one of the clients migrates to a different RCS client or an older Messages client that does not support E2EE, Messages might be unable to detect the change immediately. If the Messages user sends a new message, it’s still E2EE, however the recipient client may render the encrypted base64 payload directly as message content.
> Messages from Android phones show up as green bubbles in iMessage chats, and chaos ensues.
This is not true -- messages from Android users show up as grey, the same as messages from iMessage. Messages from you *TO* Android users show up as green. I don't know why people keep getting this wrong.
That's why it's always a pain to figure out why a group chat is showing up green all of a sudden; you can't tell who brought the Android to the party.
> That's why it's always a pain to figure out why a group chat is showing up green all of a sudden; you can't tell who brought the Android to the party.
Or as the rest of the world would describe it: That's why it's always a pain including Americans in a group chat – they usually don't have WhatsApp :)
Devil's advocate: that was an intentional design choice to incite even more user hate against Android users and build Apple cult mentality. Users will subconsciously assign the blame for their frustration of figuring out who the Android user is, to the Android user, rather than to Apple who is the real culprit.
Hard for me to see Google as the good guys in this RCS situation when Google Chat is separate from Messages and Google Voice is almost totally neglected.
That’s cuz they’re not. Nobody is. RCS is a crap standard, but it is a crap standard that the PRC, one of Apple’s larger markets, is requiring in new handsets going forward (something that The Verge reporter overlooked). I’m still curious what the compatibility story even is given Google has their own encryption standard but Apple is sticking to the GSMA spec and in their original announcement said they were going to be working with the GSMA to improve the security and privacy and all the carriers seem to just use Google’s software to run the backend.
Shh, don't mention Google Voice or they might remember it exists and kill it. I can't think of a Google service that's been more useful in my life, and hate to think what I'll have to do when they kill it.
How is that relevant? Text messages have historically (and technically) been separated from standalone chat applications, so it makes perfect sense that Google Chat is separate from Messages.
On the contrary, merging the two is a "bad guy" move since it causes vendor lock-in (case in point, Apple).
I hope the wider adoption of RCS will mean Google opening it up to other messaging clients on Android. If only because it'd be nice to fall back to something, anything, a bit better than SMS (most of my regular contacts use Signal these days). I just don't want to be locked into Google's client.
I hope RCS will never be widely adopted. It's bad technology, and despite what Google says, it's not carrier-based:
Google runs almost the entire show (since carriers can't be bothered to actually run RCS servers) and gets effectively all messages sent over it in plaintext, unless you happen to use Google's "Messages" app, which is the only one capable of end-to-end encrypting messages (using a centralized key sever run, you guessed it, by Google)!
Google Talk was honestly better than this on literally every metric, and additionally didn't tie everything to a phone number as an identifier.
I feel the same. I feel like I remember years ago, when RCS was first being implemented, Google said they would open the APIs so any texting app could use RCS. RCS is the reason I stopped using Textra and moved to Google Messages. Textra did say at one point they would integrate the RCS APIs when it was opened, but nothing has happened yet.
they still do white text on a lime green background despite every accessibility guidance to the contrary. if I used white text on a lime green background at my job I would be reprimanded. this is malicious compliance.
Before iMessage, they used the green bubbles for SMS. So unless Apple was planning a long con, they believed the green bubbles were fine for their customers for years, and switched to a new color (blue) when iMessage came about.
Would you not be reprimanded for white text on a cyan background?
That is the alternative on iMessage.
The bubble is not blue.
Edit: to be fair the text is also not "white"
The approximate (sRGB) color codes are:
"green" #39ff5a (57,255,90)
"white" #fdfdfd (253,253,253)
"grey" #d8d8d8 (216,216,216)
"blue grey" #aeb9cc (174,185,204)
"blue" #218aff (33,138,255)
All the contrasts are terrible, but clearly a marketing decision.
iOS supports increasing color contrast for anyone who wants it, and whining about iMessage bubble colors while ignoring that fact is doing the world a huge disservice.
For your own messages that you wrote and sent, not anyone else’s, and the contrast lower down on the screen is fine, it’s only at the top of the screen when it’s doing the fade-to-indicate-you-can-scroll-for-more thing that it runs afoul of contrast minimums.
I see a lot of confusing chatter about RCS (and maybe that’s the point).
Does anyone actually have a good write up on E2E encryption and whether or not all messages will actually go through google’s servers in plaintext? As in, not Google marketing.
Seen a lot of chatter and it seems like it’s is complicated on both fronts.
Only mildly worse (depending on the answer) than sending an SMS already but really makes me question the push for it in the first place
Its hard to avoid Google's marketing when the end-to-end implementation proprietary to their RCS app. This is their technical paper which confirms that it is end-to-end encrypted using the Signal protocol. The actual RCS spec has no support for E2E at this point.
> RCS uses a set of standard internet protocols like Session Initiation Protocol (SIP)[1] to establish a connection between two clients through a central messaging server. This connection is then used to exchange the messages using Message Session Relay Protocol (MSRP)[2]. In some RCS deployments this server is hosted by the carrier, and in other deployments the server is hosted by Jibe Mobile from Google.
> In situations where the two clients are not on the same carrier network, they’re connected through multiple servers—one from each carrier. The connection between the RCS client app and the carrier’s messaging server is encrypted using Transport Layer Security (TLS). Server to server communications are also encrypted.
How end-to-end encryption in Google Messages provides more security
Even if Apple cracks and ports iMessage to Android, I would still expect them to use a green bubble. It's a social signal to shame those in the outgroup
Nothing new in this article. While starts with, "The long-awaited day is here: Apple has announced that its Messages app will support RCS in iOS 18." no such day is here. They previously announced it was coming later this year (which meant iOS 18) and we are still waiting for that future unknown date this year. And still no details on how exactly will work. So while very excited for it, no new news here yet.
Sad that EU is (likely) banning e2e encryption ("chat control") before RCS ever got an accepted standard for it.
To their defense, that was what Apple key saying was their blocker on RCS. Some reasonable truth to it. I don't know how far or how hard Google went trying to make their extensions standards; AFAIK it's not like the web where this work & activity on it is easily seen.
So SMS goes over the phone network, online chat programs (like Discord) go over their own servers obviously, but what does RCS and iMessage go through?
Google's and Apple's servers on the internet? The phone system, seeing they're SMS-based?
Also, if I'm in the SMS messaging app, I expect my messages to be SMS, not internet-based?
Sure wish Apple would now make it available in a Windows app, or at least in browser. It would be so helpful to be able to text from my Windows machine through my iPhone.
RCS is out-of-the box an unencrypted messaging protocol.
The EU forcing Apple to adopt a cleartext protocol like RCS is deeply suspicious. Interoperability will force disclosure of message contents to the state and carrier.
(unless your phone vendor has implemented encryption in their implementation. Ie: optimistic encryption aka can’t trust if
it is truly working)
Use encrypted messaging protocols — iMessage, signal, WhatsApp…
Tell the government and the carriers to pound sand and <encrypted>……
I’d be more concerned if RCS was replacing an encrypted protocol. Going from SMS to unencrypted RCS is still an improvement, and it’s hard to imagine it being less secure than SMS already is. And at least with RCS they have the possibility of implementing encryption in the future, which they don’t with SMS.
iMessage was explicitly determined to be out of scope of the DMA [1], simply because there isn't a meaninful user base in Europe (as is the case in almost the entire world except for the US).
> The EU forcing Apple to adopt a cleartext protocol like RCS is deeply suspicious. Interoperability will force disclosure of message contents to the state and carrier.
I don't think it's suspicious. Almost nobody uses SMS in Europe anyway so this change is almost meaningless over here. It's just WhatsApp and then a little bit of Telegram, Signal etc on top.
I'm honestly not sure why anyone drives this (in Europe). I used to work for a mobile operator and RCS was a big thing around 2006-2009 in our R&D department. Then I changed to others jobs and almost didn't believe my eyes when it resurfaced with Google over a decade later. I was absolutely sure it was a dead horse already in 2009.
> Use encrypted messaging protocols — iMessage, signal, WhatsApp…
Using RCS E2EE is trivial. The way google does it is to simply pack signal protocol messages in the RCS message payload. It works great and it's simple.
Key identities are managed with a central identity server (like signal does) of course but that's because it's only supported on Google's jibe platform.
This can be trivially resolved by having each carrier who supports E2EE to host a key identity server so that you can lookup keys by phone number (which RCS already uses to point you to the right federated carrier service).
All that's missing from RCS having E2EE by default is google having literally anyone else adopt RCS forcing them to properly federate E2EE.
That depends on how apple decides to implement it. They are a huge player, and I am sure they can make some kind of agreement with google so that they can message through the jibe servers which use the signal protocol.
Why would you suggest a conspiracy theory like that?
I'm not even sure what RCS is, other than a replacement text service that American phone companies offer. I am not aware that it's something that I could use over here.
[+] [-] atonse|1 year ago|reply
They will still not be end-to-end encrypted in RCS. They will just be encrypted in transit, but your carrier (or whoever is running whatever server in an RCS architecture) can read all your messages.
There is talk that Google's got some kind of extension that adds E2EE to RCS but others will be well informed on it and can add to my message.
I'm blissfully happy with iMessage. For the non-Apple people, we've been using WhatsApp for nearly a decade.
But what does this do for OTP messages, etc? I'll have to check if Twilio automatically uses RCS if you send a message to a supported number. I do like the idea of all messages being encrypted in transit at least (SMS is not).
[+] [-] acdha|1 year ago|reply
It’s not just talk, but it’s locked down. Google’s huge PR campaign backing RCS has been very impressive at getting people to conflate the two but basically they have an RCS extension implementing the Signal protocol which theoretically could be implemented by anyone but it depends on Google’s key exchange servers which are restricted to their own proprietary app – even third-party Android developers are blocked.
It’s a PR masterwork, really. They’re honest on the technical white paper:
> E2EE is implemented in the Messages client, so both clients in a conversation must use Messages, otherwise the conversation becomes unencrypted RCS. In rare situations where the conversation starts as E2EE, then one of the clients migrates to a different RCS client or an older Messages client that does not support E2EE, Messages might be unable to detect the change immediately. If the Messages user sends a new message, it’s still E2EE, however the recipient client may render the encrypted base64 payload directly as message content.
https://www.gstatic.com/messages/papers/messages_e2ee.pdf
Meanwhile, the far more widely read marketing pages they actually advertise say things like this:
> SMS and MMS don’t support end-to-end encryption, which means your messages are not as secure.
https://www.android.com/get-the-message/
[+] [-] bjoli|1 year ago|reply
Their own documentation claims as much: https://support.google.com/messages/answer/10252671?hl=en
But it is the google-only RCS. If your provider have their own RCS implementation, tough luck.
[+] [-] andrewla|1 year ago|reply
This is not true -- messages from Android users show up as grey, the same as messages from iMessage. Messages from you *TO* Android users show up as green. I don't know why people keep getting this wrong.
That's why it's always a pain to figure out why a group chat is showing up green all of a sudden; you can't tell who brought the Android to the party.
[+] [-] lxgr|1 year ago|reply
Or as the rest of the world would describe it: That's why it's always a pain including Americans in a group chat – they usually don't have WhatsApp :)
[+] [-] JohnFen|1 year ago|reply
Genuinely curious -- why do you feel it's necessary to figure that out at all?
[+] [-] Ferret7446|1 year ago|reply
[+] [-] xnx|1 year ago|reply
[+] [-] SllX|1 year ago|reply
[+] [-] silisili|1 year ago|reply
[+] [-] noobee|1 year ago|reply
[+] [-] Ferret7446|1 year ago|reply
On the contrary, merging the two is a "bad guy" move since it causes vendor lock-in (case in point, Apple).
[+] [-] anothername12|1 year ago|reply
They will surely create and shit-can a dozen texting apps in the next decade. One may even fit my purposes until it too is shit-canned.
Nobody has more experience in building text apps than Google.
[+] [-] garciansmith|1 year ago|reply
[+] [-] lxgr|1 year ago|reply
Google runs almost the entire show (since carriers can't be bothered to actually run RCS servers) and gets effectively all messages sent over it in plaintext, unless you happen to use Google's "Messages" app, which is the only one capable of end-to-end encrypting messages (using a centralized key sever run, you guessed it, by Google)!
Google Talk was honestly better than this on literally every metric, and additionally didn't tie everything to a phone number as an identifier.
[+] [-] sphars|1 year ago|reply
[+] [-] goatmeal|1 year ago|reply
[+] [-] doctoboggan|1 year ago|reply
[+] [-] mdhb|1 year ago|reply
Can’t tell me that’s done in good faith either.
[+] [-] kurthr|1 year ago|reply
That is the alternative on iMessage.
The bubble is not blue.
All the contrasts are terrible, but clearly a marketing decision.https://coolors.co/contrast-checker/fdfdfd-218aff
[+] [-] BugsJustFindMe|1 year ago|reply
[+] [-] vundercind|1 year ago|reply
[+] [-] lxgr|1 year ago|reply
[+] [-] xnx|1 year ago|reply
[+] [-] nerdjon|1 year ago|reply
Does anyone actually have a good write up on E2E encryption and whether or not all messages will actually go through google’s servers in plaintext? As in, not Google marketing.
Seen a lot of chatter and it seems like it’s is complicated on both fronts.
Only mildly worse (depending on the answer) than sending an SMS already but really makes me question the push for it in the first place
[+] [-] enragedcacti|1 year ago|reply
https://www.gstatic.com/messages/papers/messages_e2ee.pdf
[+] [-] hot_gril|1 year ago|reply
[+] [-] aspenmayer|1 year ago|reply
https://www.gsma.com/get-involved/gsma-membership/gsma_orgs/...
https://techcrunch.com/2015/09/30/google-acquires-jibe-mobil...
https://android.googleblog.com/2015/09/committing-to-rcs-lat...
https://jibe.google.com/jibe-platform/
https://www.sicurezzaegiustizia.com/wp-content/uploads/2020/...
> RCS uses a set of standard internet protocols like Session Initiation Protocol (SIP)[1] to establish a connection between two clients through a central messaging server. This connection is then used to exchange the messages using Message Session Relay Protocol (MSRP)[2]. In some RCS deployments this server is hosted by the carrier, and in other deployments the server is hosted by Jibe Mobile from Google.
> In situations where the two clients are not on the same carrier network, they’re connected through multiple servers—one from each carrier. The connection between the RCS client app and the carrier’s messaging server is encrypted using Transport Layer Security (TLS). Server to server communications are also encrypted.
How end-to-end encryption in Google Messages provides more security
https://support.google.com/messages/answer/10262381
Google Messages end-to-end encryption technical paper
https://www.gstatic.com/messages/papers/messages_e2ee.pdf
Data security for RCS Business Messaging (RBM)
https://developers.google.com/business-communications/rcs-bu...
[+] [-] arresin|1 year ago|reply
[+] [-] paulryanrogers|1 year ago|reply
[+] [-] Svoka|1 year ago|reply
[+] [-] thedougd|1 year ago|reply
[+] [-] TechRemarker|1 year ago|reply
[+] [-] jauntywundrkind|1 year ago|reply
To their defense, that was what Apple key saying was their blocker on RCS. Some reasonable truth to it. I don't know how far or how hard Google went trying to make their extensions standards; AFAIK it's not like the web where this work & activity on it is easily seen.
[+] [-] Elfener|1 year ago|reply
So SMS goes over the phone network, online chat programs (like Discord) go over their own servers obviously, but what does RCS and iMessage go through?
Google's and Apple's servers on the internet? The phone system, seeing they're SMS-based?
Also, if I'm in the SMS messaging app, I expect my messages to be SMS, not internet-based?
[+] [-] bni|1 year ago|reply
I live in Sweden. Do carriers like Telia etc support it? Do they have their own servers or do they let Google handle it?
[+] [-] jupp0r|1 year ago|reply
[+] [-] kalupa|1 year ago|reply
[+] [-] lxgr|1 year ago|reply
As if there was any need to increase the lock-in to phone numbers and mobile carriers for communication and identification any more...
[+] [-] exabrial|1 year ago|reply
[+] [-] rldjbpin|1 year ago|reply
[+] [-] hcurtiss|1 year ago|reply
[+] [-] throw20240511|1 year ago|reply
The EU forcing Apple to adopt a cleartext protocol like RCS is deeply suspicious. Interoperability will force disclosure of message contents to the state and carrier.
(unless your phone vendor has implemented encryption in their implementation. Ie: optimistic encryption aka can’t trust if it is truly working)
Use encrypted messaging protocols — iMessage, signal, WhatsApp…
Tell the government and the carriers to pound sand and <encrypted>……
[+] [-] lucasban|1 year ago|reply
https://daringfireball.net/2024/02/eu_rcs_imessage
I’d be more concerned if RCS was replacing an encrypted protocol. Going from SMS to unencrypted RCS is still an improvement, and it’s hard to imagine it being less secure than SMS already is. And at least with RCS they have the possibility of implementing encryption in the future, which they don’t with SMS.
[+] [-] lxgr|1 year ago|reply
iMessage was explicitly determined to be out of scope of the DMA [1], simply because there isn't a meaninful user base in Europe (as is the case in almost the entire world except for the US).
[1] https://www.theverge.com/2024/2/13/23990679/apple-imessage-e...
[+] [-] distances|1 year ago|reply
I don't think it's suspicious. Almost nobody uses SMS in Europe anyway so this change is almost meaningless over here. It's just WhatsApp and then a little bit of Telegram, Signal etc on top.
I'm honestly not sure why anyone drives this (in Europe). I used to work for a mobile operator and RCS was a big thing around 2006-2009 in our R&D department. Then I changed to others jobs and almost didn't believe my eyes when it resurfaced with Google over a decade later. I was absolutely sure it was a dead horse already in 2009.
[+] [-] jacoblambda|1 year ago|reply
Using RCS E2EE is trivial. The way google does it is to simply pack signal protocol messages in the RCS message payload. It works great and it's simple.
Key identities are managed with a central identity server (like signal does) of course but that's because it's only supported on Google's jibe platform.
This can be trivially resolved by having each carrier who supports E2EE to host a key identity server so that you can lookup keys by phone number (which RCS already uses to point you to the right federated carrier service).
All that's missing from RCS having E2EE by default is google having literally anyone else adopt RCS forcing them to properly federate E2EE.
[+] [-] bjoli|1 year ago|reply
[+] [-] happymellon|1 year ago|reply
I'm not even sure what RCS is, other than a replacement text service that American phone companies offer. I am not aware that it's something that I could use over here.
[+] [-] vibbix|1 year ago|reply