Extremely close-up shot of feminine finger scrolling on smartphone display in a darkish surroundings.
gettyFor Android customers, your telephone has abruptly modified. It took simply 14-days to destroy years of gradual RCS progress with a safety nightmare that’s now getting worse. Even the mainstream media is warning customers away from RCS, leaving Google with some pondering to do. And Apple’s shock transfer might imply it’s already too late.
On November 19, a concerted marketing campaign between Google and Samsung “welcomed a brand new period of extra seamless, cross-platform messaging… Samsung partnered with Google to assist drive the adoption of RCS, a contemporary, interoperable commonplace for enhanced messaging. Now with the newest model of iOS supporting RCS, the advantages can be found past the Android ecosystem when messaging throughout platforms. This wider adoption takes the trade one step nearer to a common seamless messaging expertise, bettering how customers join around the globe.”
The small caveat in Samsung’s press launch obtained little pick-up within the media on the time. “Encryption is barely obtainable for Android to Android communication,” it mentioned. But precisely two-weeks later, on December 3, that was abruptly all that mattered.
The FBI and CISA shocked the mobile world with their Salt Typhoon revelations, as Chinese hackers marauded by way of U.S. networks, seemingly at will. It is “ongoing and certain bigger in scale than beforehand understood,” the officers warned. And then the kicker: residents must be “utilizing a mobile phone that routinely receives well timed working system updates, responsibly managed encryption and phishing resistant MFA for e mail, social media and collaboration software accounts,” the FBI warned.
And similar to that, RCS was uncovered in its “Emperor’s New Clothes” for all of the world to see. When even Reader’s Digest warns its readers “why does it abruptly say ‘RCS’ in a few of your texts? Here’s the way it may very well be an enormous safety threat,” you understand you’ve got a major problem, and one which has absolutely hit the mainstream.
It’s inconceivable to overstate the potential significance of this on your telephone. In a heartbeat, religion within the inventory messaging that underpins the mobile ecosystem—SMS now morphing into RCS—has been undermined by U.S. regulation enforcement. I believe this can result in main adjustments on our telephones in 2025.
RCS is little understood. While it’s a provider networking protocol that was developed as a successor for the woefully insecure SMS, its use is sort of solely now inside Google Messages. Other RCS platforms, particularly within the U.S. (1,2), are pushing customers to Google Messages. As such, Google Messages has develop into Android’s iMessage different, however one with a killer vulnerability buried deep inside.
The FBI’s textual content warning was really extra difficult than it appeared on the time. The Bureau emphasised “responsibly managed encryption,” by which it meant regulation enforcement accessing encrypted content material with a courtroom warrant if wanted. The end-to-end encryption all of us use on our telephones does not enable that, even the businesses operating the providers—Meta, Apple, Google, Signal—can’t entry your content material.
Ironically, Apple did used to supply precisely the form of encryption backdoor the FBI desires to see made extra obtainable. it was once inconceivable to backup iMessage or run it cross-device with out storing a replica of your iMessage encryption key in iCloud which may very well be used to unlock your backup. That has now modified, although, and Apple provides full iCloud encryption which implies that backdoor has slammed shut.
But that twist was neglected—the story turned one about fundamental content material safety and the necessity to shield texts and calls from hackers inside U.S. networks.
And whereas initially the publicity of RCS was nearly Android to iPhone texting, the place Apple’s determination to undertake the usual RC S protocol meant no end-to-end encryption between Google Messages to iMessage, that quickly turned worse.
Cue tech blogger John Gruber, who warns that Google Messages is “shamefully deceptive relating to assist for end-to-end encryption… [it] does assist E2EE, however solely over RCS and provided that all individuals within the chat are utilizing a latest model of Google Messages,” although its Play Store description “flatly declares ‘Conversations are end-to-end encrypted’, full cease.”
Gruber’s argument is that “it’s downright fraudulent to explain Google Messages’s transit safety this manner. Imagine a typical Android person with out technical experience who takes the recommendation (now coming from the FBI) to make use of end-to-end encryption for his or her messaging. An affordable one that trusts Google would have a look at Google’s personal description of Google Messages and conclude that in case you use Google Messages, all of your messages shall be safe. That’s false. And relying who you talk with — iPhone customers, Android customers with outdated gadgets, Android customers who use different textual content messaging apps — it’s fairly seemingly most of your messages received’t be safe.”
And that encryption warning is getting extra broadly picked up. “Google Messages [is] placing American customers in danger,” Phone Arena reported on Thursday, citing Gruber’s blogpost and warning that “cross-platform RCS messaging is not end-to-end encrypted, which is why iOS and Android customers ought to think about using third-party apps like WhatsApp or Signal to textual content one another.”
The actuality is that Apple and Google have taken utterly completely different approaches to messaging and that now reveals. Apple’s iMessage is arguably the most effective messaging structure obtainable at the moment. It is totally safe, runs seamlessly throughout a number of gadgets counting on Apple’s trusted machine structure, and integrates with its equally safe FaceTime platform so as to add voice and video calls into the combination.
Contrast that with Google Messages, which added an after-market encryption wrap round RCS that solely works when latest variations of its personal app are used on all sides of a chat. There is not any safe calling choice, and it’s a lot tougher to note in case your textual content is safe or not—there isn’t any blue/inexperienced bubble equal.
“We have labored exhausting for years to make RCS the usual for improved cross-platform messaging, and Samsung has been instrumental within the rising adoption of RCS,” Google mentioned in that joint PR with Samsung, with the Galaxy maker including that “RCS is rapidly turning into the universally adopted, fashionable messaging commonplace, enhancing communications for customers in every single place.”
That was lower than a month in the past—it hasn’t aged effectively.
So, the place does this go away Android customers? If you care in regards to the safety of your messages—and never all customers do—then it is best to change to a safe platform. You can put apart the headline Meta privateness warnings, WhatsApp is simply nice albeit Signal is best. And whereas there may be additionally a safer RCS protocol within the works, that received’t flip up and be deployed quickly sufficient to deal with the FBI texting warning.
Is there any means again for RCS? That will depend on Apple. The iMaker was clearly reluctant to undertake RCS within the first place, and did so whereas nonetheless warning that it’s not safe and is open to provider interception—even earlier than Salt Typhoon turned up. The newest iPhone firmware—iOS 18.2—additionally provides customers the choice to alter default messaging, which makes an RCS restoration even tougher.
If Apple and Google rapidly announce a totally encrypted bridge between Google Messages and iMessage, then they actually will utterly change the messaging panorama and ship the “common seamless messaging expertise, bettering how customers join around the globe,” that Samsung and Google have promoted. Absent that, there isn’t any means again for RCS to compete with the options.
