A shocking leak has simply seemingly confirmed an enormous iOS 18 replace but in addition a crucial lacking function, one which Apple has been pushed for on the highest potential degree, and one which’s dangerous information for a billion-plus iPhone customers…
Google isn’t traditional the supply of latest iPhone and iOS leaks—however it’s this time. And it would simply be that this undermines all the advantages we might in any other case see. Apple has an issue—and absent an enormous shock that downside just isn’t getting fastened anytime quickly, as Google above all will know. As a result of Apple can’t do that alone—it wants Google’s assist.
We’re speaking RCS, the advance on Nineties SMS expertise that’s now fortunately the default on Android. Late final yr, Apple u-turned and introduced RCS would come to iMessage in 2024. As I’ve stated for a while, this implies with iOS 18. Now Google has unintentionally confirmed precisely that. However it appears to have inadvertently revealed what’s lacking as properly.
It was the eagle-eyed 9t05Google that first seen that “the Android web site has added a brand new touchdown web page for Google Messages that talks in regards to the first-party messaging expertise, whereas additionally noting that RCS on the iPhone is coming in fall 2024.” The point out, the location says, “roughly confirms” that this implies iOS 18, albeit not whether or not its first drop.
The touchdown web page has been modified with that reference eliminated, “roughly” admitting it was unintentional. TechCrunch “has confirmed that the textual content associated to Apple supporting RCS on iOS continues to be within the supply code of the web page.”
Nevertheless, it’s a reference additional down Google’s touchdown web page, one nonetheless seen, that’s crucial: “For conversations between Google Messages customers, end-to-end encryption is now enabled in your Android telephone by default.”
That is the frequent misunderstanding with each RCS basically and Apple’s replace particularly. RCS just isn’t end-to-end encrypted. So in contrast to iMessaging between iPhone customers or Google Messaging between Android customers, or extra importantly WhatsApping between iPhone and Android customers, RCS between iPhone and Android is not going to have that degree of safety.
That is crucial as a result of it’s the problem the DOJ highlighted in its lawsuit: “Apple is keen to make the iPhone much less safe and fewer non-public… Textual content messages despatched from iPhones to Android telephones are unencrypted because of Apple’s conduct. If Apple wished to, Apple might permit iPhone customers to ship encrypted messages to Android customers whereas nonetheless utilizing iMessage on their iPhone, which might immediately enhance the privateness and safety of iPhone and different smartphone customers.”
This may very well be solved in certainly one of 4 methods: an iMessage shopper for Android—however Apple has repeatedly refused this; a Google Messages shopper on iOS—however Apple doesn’t permit an SMS API outdoors iMessage, so this doesn’t work; a super-app comparable to Beeper that may pull messages from each iMessage and Google Messages—however Apple very publicly shutdown Beeper’s entry to iMessage final yr; or Apple and Google collaborating to supply end-to-end encryption between their apps.
This final level is the one which’s usually confused the place RCS is anxious. RCS is safer than SMS, however nowhere close to as safe as iMessage, Google Messages, Sign, WhatsApp and even Fb Messenger. This can be fastened by an replace to the core RCS platform itself, which is what Apple indicated they might push for after they introduced RCS final yr. However given RCS was primarily developed by an initiative that launched in 2007/08 and solely grew to become the Android default final yr—fifteen years later, you may think about how lengthy and sophisticated a journey that will probably be.
The opposite manner can be for Google and Apple to supply a direct interface between their apps. Finish-to-end encryption on Android is a part of Google Messages not core RCS, and it might want to supply a bridge to iMessage. The 2 platforms use completely different encryption protocols. Google makes use of Sign’s—as does a lot of the business, Apple makes use of its personal. However that’s a solvable downside if the 2 ecosystem house owners collaborate—simply as they did with covid contact tracing.
That’s isn’t taking place, although, definitely not anytime quickly or with the iOS 18 launch. Not except Apple and Google are maintaining this a totally locked down secret, which might make little sense. It’s extra seemingly that Occam’s Razor applies and it’s simply as we’ve been led to imagine, there is no such thing as a cross-platform, end-to-end encryption coming anytime quickly.
So let’s flip to the DOJ lawsuit. Which may mandate iMessage opening as much as Beeper or related tremendous apps which might change the equation, or it would push Apple to introduce an SMS API which might additionally apply to RCS and allow Google Messages run an iOS shopper to deliver absolutely encrypted RCS to each platforms. That final choice can be dangerous information for Apple, as it might go away little consumer incentive to stick with iMessage. However that or an iMessage shopper for each platforms can be essentially the most safe answer. As WhatsApp warned, completely different endpoints are much less safe than an built-in messenger.
I’ve once more requested Apple for any assertion on its encryption plans for RCS.
And so, all informed, RCS coming to iPhone with iOS 18 is fascinating however—absent that shock change—doesn’t alter the established order a lot in any respect—we’ll discover out extra at June’s WWDC. It’s best to nonetheless use a totally encrypted, cross-platform messenger as your default. It’s best to go away SMS and RCS for OTPs, advertising texts and aged family. Really helpful apps can be WhatsApp, given its ubiquity, and Sign, given its privateness and safety and rising usability.