Hacker News new | ask | show | jobs
by danShumway 927 days ago
When Apple sends messages via SMS, they are sending your messages to 3rd party clients who could sell your messages for ad targeting or worse. Apple already does this. They already send your messages to random clients who could be spying on you.

It's just that in addition to sending your messages to 3rd party clients that could be stealing the data, Apple goes the extra step to make it even more insecure and also sends your messages completely unencrypted, so that everybody along the path from your device to the 3rd-party client can join in and also read your messages and can also use them for ad targeting or worse.

I'll make the argument that this is strictly worse for security than tolerating an encrypted 3rd-party client (or better, releasing their own 1st-party client rather than relying on SMS).
1 comments
paulmd 927 days ago
isn’t googles RCS encryption a proprietary non-standard that other companies have requested to interop against and been ignored?

yeah can’t imagine why apple doesn’t use it

link
danShumway 927 days ago
Google's RCS standard is garbage.

But Apple doesn't have to use it. They could release a messaging app for Android that used their own encryption, and they could encourage Android users to switch. But they don't do that, because distinguishing between Android and iOS users is ultimately more important to Apple than securing the conversations that Apple users have.

If RCS is garbage (and it is) then it is extremely weird that Apple has committed to supporting RCS for cross-platform messages instead of encouraging adoption of what would be a superior form of encryption for those conversations.

What you have to ask is, if you are an Apple user, why isn't Apple trying to encrypt every message that you send? Why are they asking you to use a garbage protocol when you send messages to Android users?

> yeah can’t imagine why apple doesn’t use it

Really, this statement should be reversed, it's difficult to imagine why Apple is planning to use RCS. Why is Apple more willing to implement a garbage protocol than they are willing to release a messaging app for Android?

link