So essentially, it's not really an Apple thing, it's more that the universal RCS profile just didn't have encryption, and Google RCS was a non-standard extension that nobody else was allowed to use.
The real news is the update to GSMA RCS, because without that, none of this matters. What I'm missing in the article is who's going to own the keys and why this is probably going to default to the telcos as if it's MMS. Are they going back to the days of charging per message?
With iMessage you'd be putting your trust in Apple, with Google RCS you'd be putting your trust in Google. For WhatsApp that'd be Meta and for Signal that's Signal. But with GSMA RCS?
I understand your point that the "news" part is that RCS standard now includes E2EE, rather than about Apple's support for said standard.
But I don't think it's fair to suggest or imply that this development is unrelated to Apple either.
RCS has been a thing for nearly a decade, and Google's RCS backend has been doing non-standard E2EE for half that time.
Within 8 months of Apple publicly announcing they would adopt RCS and work with GSMA to support standardised E2EE, there is suddenly a standard for it...
Yes, Google only made it available for Google Messages. They don't have an SDK or API you can use to make your own clients or servers. Google also didn't put it up for standards with the GSMA or any other standards body, at least not publicly. There are no records of it.
There are some older submissions here you can probably find using one of the HN search sites about this, but IIRC those didn't really have any internal Google policy about this, they kept it all pretty private. The only 'leak' I remember about this was the thing where manufacturers that preload Google Android have to ship Google Messages to get RCS support from Google, otherwise they can't have it. Also means you can't have RCS without Play Services.
Look at Google’s documentation: they explicitly state that only their Messages app is allowed to talk to their key exchange server. The entire marketing campaign they ran about RCS was predicated on nobody reading their docs or noticing all of the Android developers begging for permission to use RCS for years.
> E2EE is implemented in the Messages client, so both clients in a conversation must use Messages, otherwise the conversation becomes unencrypted RCS. In rare situations where the conversation starts as E2EE, then one of the clients migrates to a different RCS client or an older Messages client that does not support E2EE, Messages might be unable to detect the change immediately. If the Messages user sends a new message, it’s still E2EE, however the recipient client may render the encrypted base64 payload directly as message content.
It is good that commercial messengers forced GSM association to finally create E2EE standards. The reason why telcos want you to use RCS becomes obvious if you calculate how much 1Gb of data costs if sent as SMS (I guess that one could buy a car with this money).
Why was RCS even designed with a none encrypted mode? I get that the original spec isn't exactly new, but it's also not so old that encryption, security or privacy wasn't an issue.
I'm not sure about the case of RCS, but I've seen some instances of a none cipher being better for compression and deduplication, because the encryption messes with the data.
You'd normally compress the data before encrypting it as that makes the resulting cyphertext more resilient against cryptanalysis as well as reduces the amount of data which needs to be encrypted so this sounds like a bogus reason.
> The GSM Association announced that the latest RCS standard includes E2EE
> While Apple’s proprietary iMessage system already supported E2EE, this wasn’t extended to RCS messaging because the previous RCS standard didn’t provide cross-platform support
There are years between updates and then suddenly for like 6 months it'll get a slew of updates, most of which aren't user-facing. Then back to update silence. It's really odd.
So essentially, it's not really an Apple thing, it's more that the universal RCS profile just didn't have encryption, and Google RCS was a non-standard extension that nobody else was allowed to use.
The real news is the update to GSMA RCS, because without that, none of this matters. What I'm missing in the article is who's going to own the keys and why this is probably going to default to the telcos as if it's MMS. Are they going back to the days of charging per message?
With iMessage you'd be putting your trust in Apple, with Google RCS you'd be putting your trust in Google. For WhatsApp that'd be Meta and for Signal that's Signal. But with GSMA RCS?
I understand your point that the "news" part is that RCS standard now includes E2EE, rather than about Apple's support for said standard.
But I don't think it's fair to suggest or imply that this development is unrelated to Apple either.
RCS has been a thing for nearly a decade, and Google's RCS backend has been doing non-standard E2EE for half that time.
Within 8 months of Apple publicly announcing they would adopt RCS and work with GSMA to support standardised E2EE, there is suddenly a standard for it...
Is there anything that shows "no one was allowed to use it" or was it that it wasn't an accepted standard?
Yes, Google only made it available for Google Messages. They don't have an SDK or API you can use to make your own clients or servers. Google also didn't put it up for standards with the GSMA or any other standards body, at least not publicly. There are no records of it.
There are some older submissions here you can probably find using one of the HN search sites about this, but IIRC those didn't really have any internal Google policy about this, they kept it all pretty private. The only 'leak' I remember about this was the thing where manufacturers that preload Google Android have to ship Google Messages to get RCS support from Google, otherwise they can't have it. Also means you can't have RCS without Play Services.
Look at Google’s documentation: they explicitly state that only their Messages app is allowed to talk to their key exchange server. The entire marketing campaign they ran about RCS was predicated on nobody reading their docs or noticing all of the Android developers begging for permission to use RCS for years.
https://www.gstatic.com/messages/papers/messages_e2ee.pdf
> E2EE is implemented in the Messages client, so both clients in a conversation must use Messages, otherwise the conversation becomes unencrypted RCS. In rare situations where the conversation starts as E2EE, then one of the clients migrates to a different RCS client or an older Messages client that does not support E2EE, Messages might be unable to detect the change immediately. If the Messages user sends a new message, it’s still E2EE, however the recipient client may render the encrypted base64 payload directly as message content.
[dead]
It is good that commercial messengers forced GSM association to finally create E2EE standards. The reason why telcos want you to use RCS becomes obvious if you calculate how much 1Gb of data costs if sent as SMS (I guess that one could buy a car with this money).
Why was RCS even designed with a none encrypted mode? I get that the original spec isn't exactly new, but it's also not so old that encryption, security or privacy wasn't an issue.
I'm not sure about the case of RCS, but I've seen some instances of a none cipher being better for compression and deduplication, because the encryption messes with the data.
I assume some sort of multicast.
You'd normally compress the data before encrypting it as that makes the resulting cyphertext more resilient against cryptanalysis as well as reduces the amount of data which needs to be encrypted so this sounds like a bogus reason.
When an iPhone sends a message to 555-1212, where does the iPhone get the public key for that number?
This is great in principle. I still prefer Signal as the top-shelf experience of iOS—Android communication.
Any news on if/when one will be able to send RCS from a program or device outside the monolith?
Never. It is just a fancy MMS in new disguise. Carriers / patent holders will hold to it forever while praising it as the new best thing.
Still waiting for Google Fi to turn RCS on for iOS users :(
its coming
https://9to5google.com/2025/03/04/google-fi-rcs-ios-18-4/
Announcement discussion from 2023:
Apple announces that RCS support is coming to iPhone next year
https://news.ycombinator.com/item?id=38293082
793 points | 709 comments
To be clear, this is a different announcement. That was just RCS, this is encrypted RCS.
The big difference:
> The GSM Association announced that the latest RCS standard includes E2EE
> While Apple’s proprietary iMessage system already supported E2EE, this wasn’t extended to RCS messaging because the previous RCS standard didn’t provide cross-platform support
Still waiting on a non-Google implementation of this so-called standard.
Now if only we could get Google to support RCS in Google Voice.
It’s really odd they don’t, I’m incredibly curious why.
GVoice gets forgotten about, I swear.
There are years between updates and then suddenly for like 6 months it'll get a slew of updates, most of which aren't user-facing. Then back to update silence. It's really odd.
I'm still amazed that google hasn't killed it.
I always wondered if it's still alive only because Larry or Sergey use it every day.