Path: ...!eternal-september.org!feeder3.eternal-september.org!news.eternal-september.org!.POSTED!not-for-mail
From: =?UTF-8?Q?J=C3=B6rg_Lorenz?= <hugybear@gmx.net>
Newsgroups: comp.mobile.android,misc.phone.mobile.iphone,comp.sys.mac.system
Subject: Re: DOJ is correct that Apple iPhone is far less secure than Android
 when RCS messaging is involved
Date: Fri, 19 Apr 2024 23:02:48 +0200
Organization: Camembert Normand au Lait Cru
Lines: 32
Message-ID: <uvum5o$36huv$2@dont-email.me>
References: <uud0lh$13jd4$1@paganini.bofh.team>
 <l79vbsFqv6iU1@mid.individual.net>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
Injection-Date: Fri, 19 Apr 2024 23:02:48 +0200 (CEST)
Injection-Info: dont-email.me; posting-host="2da53ce1cb7ce7349f7d3e089015b0cf";
	logging-data="3360735"; mail-complaints-to="abuse@eternal-september.org";	posting-account="U2FsdGVkX1+ZrW7i47Eqfqt5l377nZFLjIOpn6scHNg="
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:115.0)
 Gecko/20100101 Thunderbird/115.10.0
Cancel-Lock: sha1:Do/VGNSSw0BMfFPHRrN/TNQBaSI=
In-Reply-To: <l79vbsFqv6iU1@mid.individual.net>
Content-Language: de-CH, en-GB
Bytes: 2577

Am 05.04.24 um 11:42 schrieb Arno Welzel:
> Tamborino, 2024-04-01 02:55:
> 
>> This is the common misunderstanding with both RCS in general and Apple's
>> update in particular. RCS is not end-to-end encrypted.
> 
> RCS *is* end-to-end encrypted. But this is not mandatory, so using
> unencrypted connections is possible. But the Google messaging app in
> Android will show you if the recipient has RCS and also if the
> connection is encrypted.
> 
>>
>> Yet, for conversations between Google Messages users, end-to-end encryption
>> is now enabled on your Android phone by default.
>> https://www.forbes.com/sites/zakdoffman/2024/03/30/new-apple-iphone-16-pro-max-and-ios-18-leak-googles-imessage-warning/
>>
>> So unlike iMessaging between iPhone users or Google Messaging between
>> Android users, or more importantly WhatsApping between iPhone and Android
>> users, RCS between iPhone and Android will not have that level of security.
> 
> But this is not the fault of RCS.

Sure. It is Google's fault.
Secure communication is not possible with RCS and Apple does not want to 
adopt such an inferior level of security for iOS to iOS-communication. 
With RCS a MIM-attack is always possible. The NSA is already smiling ...

RCS is dead and more than redundant.

-- 
"Gutta cavat lapidem." (Ovid)