Can anyone confirm the biggest issue (in my opinion) with RCS? It's not end-to-end encrypted.
Update: Confirmed it myself [1]. End-to-end encryption is not even an option. Which is perfect for the data addicts like Google. But honestly I would never ever recommend this as an avenue for people to use over something like WhatsApp.
It's almost certainly the carriers imposing this restriction. The reason these features took so long is because, as they did for SMS, every single carrier across the world has to get on board with this. , so I'm sure that's the reason it's not encrypted. The Messages app might be a Google product, but the underlying transport has to be implemented by carriers, and I'm sure there are many, many carriers who aren't interested in encrypting the messages that are carried across their networks (either because they don't have the technical competency, they want the data for themselves, or they have to comply with local law enforcement regulations about texting).
This is not to excuse the lack of encryption, but the finger should probably be pointed more at carriers (and maybe OEMs) than at Google.
One question I have is whether Google-account to Google-account messages will be encrypted, like how Apple does it with their iMessage/SMS boundary within the same app...
Encryption can be done on device. Google as the major player could simply implement it without carriers' approval and without changing underlying protocols. Instead they have chosen to route unencrypted messages through their servers.
> or they have to comply with local law enforcement regulations about texting.
Carriers can record encrypted messages and provide them to police and courts.
Is there any reason someone couldn't make an sms client that gives the option of encryption assuming the person you are conversing with was using a client following the same encryption protocol? It would require a few automated texts to exchange keys but would allow encrypted communication over sms easily.
I'm guessing there just isn't a big enough market for it given that people are willing to create an account with WhatsApp to get the same thing.
That's exactly what TextSecure (now Signal) used to do[0]. Since the code is open-source, somebody has forked the SMS code and apparently kept it alive[1]. (It's even on both F-Droid and Google Play.)
Indeed, this seems to be needlessly kicking life back into SMS when it was already being replaced by better systems that respect privacy.
Of course the decentralized nature of SMS is a good benefit but given how most telecoms are oligopolies disinterested in customers concerns about privacy (and plenty of other things like customer service) it pretty much defeats the value in it.
It's a phone based messaging medium. If you have a phone number, you can send a message. That's not nothing. I know the phone numbers of far more people than I know the name of their apple account, or google account, or facebook account, or whatever.
The general answer to that is to exchange account information, but the easiest way to do that is through SMS... and here we are. Upgrading SMS so it's better. It's not perfect, but I'm happy for any advances they can make to it.
And as for why it's not encrypted end-to-end, the spec started back in 2008. That wasn't even on most people's radar back then. It's possible once we see some actual uptake of the protocol, we might see some more movement towards adding features (continuously adding features before something is in use is just a good way to make sure it never actually makes it into use).
Knowing someone's phone number means you can reach them on WhatsApp. At least, that's true for 2B (out of 5B) of phone numbers, which is likely to be 1,000 times the number of RCS users.
The second and most important advantage of WhatsApp is that you don't have to maintain an address book anymore. People change phone numbers and the new number is automatically reflected in WhatsApp. It's quite likely that address books on phones are outdated and thus stale.
> Knowing someone's phone number means you can reach them on WhatsApp
...that would be super useful if I had WhatsApp installed. It also means that WhatsApp is tracking the phone number of all the people and doing selective (assuming only your friends can see it) publishing of it. I guess that's usually okay, but it also kinda wierds me out that it leaks info that way.
My phone number is already managed by me, I've given it to the people I want to have it. This really just limits any WhatsApp messaging I would to to entities that I want to have my phone number. It's probably much easier to block WhatsApp accounts (and attempted messages) than calls (phone calls which are synchronous communication have a much higher urgency to me than some random phone ding that's async).
Sure, agreed it's useful as a backbone sort of system like phones.
Which will always be the biggest fundamental flaw with something like Signal or WhatsApp (the need for centralized servers, the requirement to install 3rd party software).
There may be a role for these telecom services to exist perpetually as a backup services, while everyone still uses apps as their primary communication method. But RCS seems to be trying to bring SMS to parity with messaging apps supporting emoticons and media-heavy content, the intention is the same "conversations with friends" use-case as the messaging apps.
There may even be an argument to keep SMS dumb and simple like phone lines. Especially if they aren't going to adopt encryption with the rest.
> But RCS seems to be trying to bring SMS to parity with messaging apps supporting emoticons and media-heavy content
I think it's more that RCS is attempting to bring SMS into the 21st century, if barely. Those aren't exactly amazing features, they're the lowest bar for entry you could meet for a messaging app in 2010. 2019 has a much higher bar, as everyone here is noting.
It's not just the features but them combined with a very cleanly designed messaging app ala WhatsApp. They aren't amazing or new on their own but they've become standard and essential in the 3rd party messaging apps.
There's a lot RCS is going to do to make SMS difficult to distinguish from WhatsApp for most people, especially these days as they've matured and everyone has finished copying the other guy.
To be clear, I was saying the RCS features aren't exactly amazing, and are 2010 level standard, not that WhatsApp's features aren't good.
If the base level RCS features make it hard for WhatsApp to stand out, and the base level RCS features are really fairly poor in comparison to what can be offered, that begs the question of what WhatsApp is bringing that's worth it's use. End-to-end encryption is the answer, but there's other apps that may do that better.
If the real big differentiator is end-to-end encryption, then I think the solution isn't to push people to not use RCS, which has inherent qualities that mean it will always have at least some market, but after it's here we immediately push for extensions to it that allow end-to-end encryption. If that's accomplished, that immediately sets the real floor for every messaging app, and if they aren't offering the same the two questions are why bother with it at all if the built in stuff is better, and why aren't they doing it if it's the market floor, what are they gaining from being able to see the messages?
SMS is the lowest common denominator of messaging. RCS will be the lowest common denominator of messaging. We should use this opportunity to cement that, and then keep the momentum up and use it to push for other essential features like encryption.
* With a free service, the data is the asset which the company obtains by offering the service.
* With whatever service, the company may receive a subpoena, an NSL, etc. It's easier to comply when you have the data than to prove that you can't comply because you only transfer the encrypted packets, and have no way to bug the client devices, too.
If you want end-to-end encryption, run your own Signal server, or something, and hope that you're flying below radars.
> With a free service, the data is the asset which the company obtains by offering the service.
RCS competes with iMessage and WhatsApp, which are both "free" services (IIRC WhatsApp business model is paid commercial messaging customers and iMessage business model is paid devices). Both of those offer encryption features.
They don’t have to. As long as they keep the color differences between iMessage and non encrypted messages people will learn. Everyone smokes or does something technically illegal. They just have to be told that the middle men archive all text messages.
One really obvious thing for Apple to do, which has always been a really obvious thing for Apple to do, would be to distribute a version of iMessage on Android.
> "iMessage is literally the single most important selling point of iPhones in the US."
Given the lack of emphasis Apple puts on iMessage in their marketing, it seems unlikely it's the single most important selling point. On the opening page for the newest iPhone, it's mentioned in a single sentence in a paragraph on Security down near the bottom of the page, hardly pride of place.
Granted, I don't see Apple opening iMessage for other platforms for a number of reasons, including product differentiation, but at least Apple seems to think there are many more features to highlight before getting around to iMessage.
Update: Confirmed it myself [1]. End-to-end encryption is not even an option. Which is perfect for the data addicts like Google. But honestly I would never ever recommend this as an avenue for people to use over something like WhatsApp.
[1]: https://www.theverge.com/2019/11/14/20964477/googles-rcs-cha...