> Lack of encryption was one SMS shortcoming that RCS was created to solve.
No it was not. Google added encryption but it was not part of the standard until recently. RCS itself was not created, in part or in whole, to provide E2EE. That it has it now is great (in the standard, broad rollout still to come), but it should not be misrepresented as some privacy-centric service.
It sometimes necessitates losing messages (especially when one or other endpoint of a conversation gets lost/reset). You're gonna have to have all other components of the app ready to deal with lost/undecryptable messages.
It makes a bunch of future features harder to implement (group chats, web UI for viewing messages).
It makes anti-spam harder, since you can no longer just have a server side detector for messages containing 'b1tc0in'.
It makes it much easier for an attacker to use your infrastructure for botnet command and control or distributing child porn, and there is no way for you to detect or block it, despite laws requiring you to do so.
From the subheading:
> Lack of encryption was one SMS shortcoming that RCS was created to solve.
No it was not. Google added encryption but it was not part of the standard until recently. RCS itself was not created, in part or in whole, to provide E2EE. That it has it now is great (in the standard, broad rollout still to come), but it should not be misrepresented as some privacy-centric service.
Why on earth didn't it have e2e encryption by default from the start??
My bet is because everyone involved wanted the ability to snoop messages...
Still can't use it on my iPhone though...
The standard was literally finalized in the last day or two.
But I bet Apple will take at least 3 years to implement it.
They don't want to see iMessage's lead eroded.
Who cares?
People use iMessage because it works great and automatically between iPhones.
I don’t choose to use RCS or iMessage, it’s chosen for me by whoever I’m messaging based on what kind of phone they bought.
RCS being E2EE won’t change market share numbers one iota.
We don't have end to end because the powers that be won't allow it.
There isn't any real technical hurdle.
E2e is a pretty big technical hurdle.
It sometimes necessitates losing messages (especially when one or other endpoint of a conversation gets lost/reset). You're gonna have to have all other components of the app ready to deal with lost/undecryptable messages.
It makes a bunch of future features harder to implement (group chats, web UI for viewing messages).
It makes anti-spam harder, since you can no longer just have a server side detector for messages containing 'b1tc0in'.
It makes it much easier for an attacker to use your infrastructure for botnet command and control or distributing child porn, and there is no way for you to detect or block it, despite laws requiring you to do so.
And yet, they are allowing it.
e2ee is largely subverted so long as manufacturers can push updates that can't possibly be audited by anyone but the manufacturers.
Security that relies on apple having a backbone is inherently fragile.