• Altima NEO
    link
    fedilink
    English
    arrow-up
    3
    arrow-down
    1
    ·
    10 hours ago

    Ive been slowly hearing about this over the last week or so, and I couldnt tell if it was real news or just over exaggerated.

    And everyone has been on an on about iphone to android RCS, but no word on if anything is being done to fix the vulnerability.

      • conciselyverbose@sh.itjust.works
        link
        fedilink
        English
        arrow-up
        8
        ·
        7 hours ago

        RCS doesn’t really do a whole lot of anything. It’s a step up from SMS/MMS, but not by much.

        All the features people think they mean when they’re talking about RCS are proprietary Google extensions that only work if you go through Google’s servers. They’re basically exactly the same as Apple putting iMessage on top; Apple just brags about it while Google tries to trick you into thinking incompatibility is someone else’s fault for not giving them control.

        • AA5B@lemmy.world
          link
          fedilink
          English
          arrow-up
          4
          arrow-down
          1
          ·
          4 hours ago

          Usually I’ll defend Apple on this, but yes it’s a step up from SMS, and Apple is a big reason RCS hadnt been widely adopted as a replacement, and incremented to include more features.

          I’m definitely on Googles side here: years of no one doing anything until “fine, I’ll take care it myself”

          • sugar_in_your_tea@sh.itjust.works
            link
            fedilink
            English
            arrow-up
            1
            ·
            edit-2
            1 hour ago

            Why would you defend Apple? It’s just a stupid form of lock-in, it was at the start, and it always will be.

            If you want security, use an app that provides security. RCS does a little to protect against MITM attacks, unless that MITM is your OS vendor.

          • conciselyverbose@sh.itjust.works
            link
            fedilink
            English
            arrow-up
            3
            arrow-down
            1
            ·
            4 hours ago

            Apple didn’t bother because it sucks. It’s not an actual solution (or path to one) for messaging not to be a dumpster fire.

            Google “did it itself” exclusively for control. It’s exactly the same as their browser behavior.

      • AA5B@lemmy.world
        link
        fedilink
        English
        arrow-up
        1
        arrow-down
        1
        ·
        4 hours ago

        Article is about phone company being hacked, so there’s a good chance that even if we had non-proprietary encryption, they’d be able to read it

        • sugar_in_your_tea@sh.itjust.works
          link
          fedilink
          English
          arrow-up
          1
          ·
          59 minutes ago

          That’s precisely what E2EE is supposed to prevent. If the phone company gets hacked, attackers can see all the traffic going through all of their towers, so if everything is encrypted before getting to the towers, they can’t see the contents. IIRC, metadata like phone numbers can be read though, so they can see who you’re talking to, but they can’t see what you’re saying.

          The phone manufacturer, however, can see everything before it’s encrypted and after it’s decrypted.