top | item 40639643

(no title)

throw20240511 | 1 year ago

RCS is out-of-the box an unencrypted messaging protocol.

The EU forcing Apple to adopt a cleartext protocol like RCS is deeply suspicious. Interoperability will force disclosure of message contents to the state and carrier.

(unless your phone vendor has implemented encryption in their implementation. Ie: optimistic encryption aka can’t trust if it is truly working)

Use encrypted messaging protocols — iMessage, signal, WhatsApp…

Tell the government and the carriers to pound sand and <encrypted>……

discuss

lucasban|1 year ago

All signs point to this being a response to Chinese regulation, not the EU.

https://daringfireball.net/2024/02/eu_rcs_imessage

I’d be more concerned if RCS was replacing an encrypted protocol. Going from SMS to unencrypted RCS is still an improvement, and it’s hard to imagine it being less secure than SMS already is. And at least with RCS they have the possibility of implementing encryption in the future, which they don’t with SMS.

lxgr|1 year ago

The EU is doing no such thing.

iMessage was explicitly determined to be out of scope of the DMA [1], simply because there isn't a meaninful user base in Europe (as is the case in almost the entire world except for the US).

[1] https://www.theverge.com/2024/2/13/23990679/apple-imessage-e...

distances|1 year ago

> The EU forcing Apple to adopt a cleartext protocol like RCS is deeply suspicious. Interoperability will force disclosure of message contents to the state and carrier.

I don't think it's suspicious. Almost nobody uses SMS in Europe anyway so this change is almost meaningless over here. It's just WhatsApp and then a little bit of Telegram, Signal etc on top.

I'm honestly not sure why anyone drives this (in Europe). I used to work for a mobile operator and RCS was a big thing around 2006-2009 in our R&D department. Then I changed to others jobs and almost didn't believe my eyes when it resurfaced with Google over a decade later. I was absolutely sure it was a dead horse already in 2009.

jacoblambda|1 year ago

> Use encrypted messaging protocols — iMessage, signal, WhatsApp…

Using RCS E2EE is trivial. The way google does it is to simply pack signal protocol messages in the RCS message payload. It works great and it's simple.

Key identities are managed with a central identity server (like signal does) of course but that's because it's only supported on Google's jibe platform.

This can be trivially resolved by having each carrier who supports E2EE to host a key identity server so that you can lookup keys by phone number (which RCS already uses to point you to the right federated carrier service).

All that's missing from RCS having E2EE by default is google having literally anyone else adopt RCS forcing them to properly federate E2EE.

bjoli|1 year ago

That depends on how apple decides to implement it. They are a huge player, and I am sure they can make some kind of agreement with google so that they can message through the jibe servers which use the signal protocol.

happymellon|1 year ago

Why would you suggest a conspiracy theory like that?

I'm not even sure what RCS is, other than a replacement text service that American phone companies offer. I am not aware that it's something that I could use over here.

sib|1 year ago

RCS is a messaging service / protocol developed by the GSMA (the global system for mobile communications), a non-profit industry association representing mobile telephony operators worldwide. Nothing to do with American phone companies.