It's really not. It's a step up from SMS, but the real future is true end-to-end encrypted communications. Signal is the next step up, and then hopefully we'll eventually get really secure messaging where the core OS doesn't help leak out your information.
> It's really not. It's a step up from SMS, but the real future is true end-to-end encrypted communications.
I thought this was a board filled with futurists? Can we really imagine no future scenario where the RCS spec gets E2EE?
At least Apple seems to think it's worth trying. And I think they'll succeed.
This kind of annoying defeatism is why SMS took so long to upgrade to RCS in the first place. "Eh it sucks right now and there's no use working together to make it better, lets just lock everyone into our own app and move on." If this mentality never changed we would not be enjoying RCS's benefits at all.
And to be clear, over 1 billion monthly active users are benefiting from RCS features _right now_ (and a good chunk of them are enjoying Google's proprietary E2EE). Look at a line chart of RCS adoption and tell me again it's not the future.
> I thought this was a board filled with futurists? Can we really imagine no future scenario where the RCS spec gets E2EE?
The quality of posts on this site notably declines when Apple needs to be defended. You get posts lacking intellectual curiosity abundant, seemingly not putting in the work to think critically about policy implications, what's best for the industry, or even how technologies work. You'd be forgiven for thinking you were on Reddit on these threads, as the typical respondent fails to read the other threads, fails to learn from each other, fails to be deep and thoughtful about their position, their arguments and the positions and arguments of their fellow chatters.
You see the same misconceptions and the same falsehoods long debunked on every previous thread discussing these matters regurgitated with confidence. And it's another struggle to try to educate on these issues.
Thanks for approaching this with curiosity and a desire to improve these standards, it's so unfortunate so many who would claim themselves technologists would embrace the status quo and ignore what's possible in the future.
Google implemented E2E four years ago. While they could have got started (and announced that they had gotten started) on the path to standardization of standard E2E on day one, it takes a lot of time for this stuff to be developed. It goes a lot faster though when Apple and Google work together, because the usual stakeholders (GSMA) are forced to move faster.
What Google's approach proves is that it is perfectly possible to layer E2E encryption on top of RCS in a way that does not require a carrier to add their own support, which is something I am sure Apple is interested in. For details on that here is Google's white paper: https://www.gstatic.com/messages/papers/messages_e2ee.pdf
The reason it took so longe is because carriers are still involved with RCS, and carriers suck.
Every successful messaging protocol aside from SMS does so by routing around the carrier and sending messages over data. iMessage, WhatsApp, telegram, signal etc.
Yeah, although I do like RCS, for instance my network dragged their heals in updating to latest specs and was always broken and patchy at best, until they just gave up and handed all their RCS infrastructure over to Google to run directly. Networks are surprisingly bad at implimenting tech.
Why is E2EE the argument people keep jumping to with RCS? The bigger problem is the reliance on carriers, that's far worse. Far fewer people are talking about that issue (thankfully there are some in the comments below, I've never seen anyone on Reddit mention it)
Signal the protocol can be and is implemented by third parties. Signal the platform, is different. Keep in mind Signal's only centralised part is thin server that acts as a relay. Matrix is a thin client protocol that relies on server to enforce soundness rules.
IDK what's your point.
A encryption protocol isn't enough to replace SMS.
Linearized Matrix is, and uses the Signal Protocol, though MLS probably would be a more future proof solution
RCS is trash. No E2E by default should make mentioning it on a site like HN an instant dismissal. Secondly it's effectively owned by Google (or as good as) and it relies on the carriers (the same people who brought us SMS). Why people want to run headfirst into the arms of carrier+Google is beyond me, especially for a "standard" that is anything but and will undoubtedly wither on the vine. Carriers will not make any improvements (see SMS/MMS) and Google will probably lose interest when they turn their attention to their 10014124120412412th attempt at a chat app.
First, the pricing model. Similar to SMS, RCS is a service provided by carrier. Many carriers include unlimited text messages in their phone plans, but not all carriers do that. And that's only for domestic messaging. When it comes to international communication, would carriers handle RCS like an instant messaging app or charge users per text message like SMS? That could be a huge number on the bill.
Second, the structure and server. Currently, most carriers have given up on making their own RCS infrastructure and let Google's Jibe run it. If iOS joins RCS, and RCS is implemented globally in the future, how would messages be transferred between different carriers, different cloud platforms, and different operating systems?
This "Zuckerware" is powerful enough to defeat judges, governments. It works just like Signal, same end-to-end encryption implementation.
Network effects make the perfect solutions dead on arrival. It's pointless to complain. I'll just count my blessings instead: never in the history of humanity have so many people used something this secure to communicate with each other.
Most people with a phone have a phone number and can thus use SMS (literally the opposite of a "perfect solution," mind). I can't think of a bigger network effect than literally every person that owns a cellphone.
Maybe other countries should catch up to the US and make texting free.
> I'll just count my blessings instead: never in the history of humanity have so many people used something this secure to communicate with each other.
Alternatively, never in the history of humanity has so much of our core, private communications been captured by a single for-profit entity. An entity with a rich, recent history of serious moral failings (Cambridge Analytica, internal teen suicide studies, etc.)
Meta can and will molest WhatsApp to suit their needs. Be real careful with that auto-update. Call me Chicken Little but I would never have made a comment like this 10 years ago. Facebook's behavior is a matter of history now.
Yeah, a decent litmus test is if you sign into a service from a new device and without much effort all your chats/messages/history or whatever is there, the security is weak.
I got off WhatsApp years ago so I am not sure what's changed but back then if you signed on from any random browser, it was able to sync everything instantly and you'd see all your messages. This was after they claimed that it was E2E encrypted. What was explained to me at the time was that you share your encryption key with Facebook and hence the syncing.
Chat backups are end-to-end encrypted now. You're right that it wasn't encrypted for a long time though.
I'm not claiming it's the ideal solution. I'm claiming it's much better than lots of other things that came before. There's no point in having a perfect solution if the people I know don't use it. Everyone I know uses WhatsApp. It's a fact that life could be much worse than it is. They could be using SMS.
RCS does not support any end to end encryption. Yes you can send end to end encrypted messages over it, same as over SMS, but it's not part of the protocol. I don't hope RCS is the future, I don't want my ISP or any intermediate party to read my text messages, thank you.
Traveling with family it’s been nice to use the WhatsApp but it’s ui is and the onboarding was so bad - took about 10 tries to get it working … I’m amazed how many people use it… but pretty hard to compete with 0 cost service…
Oh I definitely agree with you that I hope WhatsApp is the past. I sure do hope for something open, not sure if RCS is the solution here though.
In any case, iMessage share the exact same issues and also adds the issue of locking you to a single platform, so at least WhatsApp solves one issue that iMessage has.
> let's trade international protocols for Zuckerware. What could go wrong?
To be clear, you want to use "international protocols" that aren't even E2EE by default over WhatsApp, which is built on the Signal protocol with the help of Signal engineers?
To be clear, I am fine delaying my personal use of E2EE for several years as the GSMA and Apple work together on adding it to the spec.
If you are a political dissident or in a vulnerable position, I don't know your situation and my advice may not apply.
In the meantime, my texts have been unencrypted since I've owned my first phone. If continuing the status quo for 2-4 more years means that Meta does not become even more entrenched and powerful, so be it.
My emphasis on "international protocols" was to highlight how big an advantage that is when we're seeing countries including the US building up their own Great Firewalls and tightening export controls. If WhatsApp came from China we might be talking about banning that instead of (or in addition to) TikTok right now. Regardless of the merits, that's just the direction countries are moving in now.
It's a bit harder to just ban SMS. You can try, but it's a hell of a lot harder and there's going to be more holes to drive vulnerabilities through.
Carriers are basically infinitely evil all the time. I'd much rather be at the mercy of a Silicon Valley company than an "open standard" that leaves anything up to the telecoms.
I never thought I'd defend ISPs... (especially since an ISP destroyed my credit "on accident" 10 years ago) but there is no comparison to Facebook.
ISP's list of evil acts: failing to update infrastructure, failing to protect against intrusions, general technical and customer service ineptitude, absolute fealty to state requests for information (both official and sometimes unofficial), hijacking web requests to inject ads, and adding surprise undisclosed fees on a seemingly-random basis.
Facebook's: Where to even start.
Burying internal research directly linking Instagram to teen suicides (including a majority of teens surveyed saying they wish Instagram didn't exist even though they use it 5+_hours a day).
Running nonconsensual psyop experiments on unsuspecting users and measuring their emotional responses like unpaid guinnea pigs (in fact, because of Facebook's revenue model, it was like users were paying Facebook for the privelege!)
It's like comparing a molotov cocktail to a dirty bomb. Yes, both are evil and bad, but we can tell there's a difference there, right?
---
To go beyond list wars, it's also just a matter of scale. You can be a mini-Hitler but if you're in an empty room you're not going to do that much damage. If you're at the Superbowl, though...
The largest US ISP is Comcast at about 30,000,000 subscribers.
Facebook has 2,900,000,000 monthly active users.
The sheer scale is also the problem. Scale gives them unfathomable power and access. It should make every non-Meta shareholder uncomfortable IMO. If there were only one mega-monopoly-ISP for the whole of the US, I'd feel similarly uncomfortable. But that isn't the case, in fact more ISPs seem to be starting up recently.
Put another way: An evil act from an ISP would hurt X number of people. An evil act from Facebook would hurt X^5 people. And I believe Facebook's acts are in general more evil than an ISPs.
You left out the fact that ISP’s are effectively a monopoly in most regions of the US, which is a problem even if it happens to be a different company holding the monopoly per region.
Exactly my point. Everyone knows that "Facebook sells your data" but what's actually demonstrable is Facebook uses your data internally for ad targeting purposes, which I'm fine with. Verizon, AT&T, et al are at just as problematic a scale (if not more!) and they are literally out there exchanging CSVs for cash.
Supporting open standards and getting mad about Cambridge Analytica in the same breath is incoherent. The critique here, and the response that Facebook and other tech companies actually undertook to placate the outrage, was that the platform APIs were too generous, and users should not have been allowed to delegate their accounts’ privileges to third parties not vetted by the platforms.
Insane to me the amount of WhatsApp evangelism I read on this site. Sure, let's trade international protocols for Zuckerware. What could go wrong?
SMS/RCS are flawed but can be improved. Advocating instead for Meta-produced software is irresponsible and reckless IMO.