(Sub)Urban boyscout.Tech-whisperer. Tech-skeptic.
1046 stories
·
12 followers

★ The AT&T Data Breach Shows Why RCS Can’t Be Trusted and the Downside of Apple Adding Support for It in iOS 18

2 Shares

Here’s a hot take: last week’s news of a massive AT&T breach revealing the phone call and text messaging records of all AT&T customers for six months in 2022 exemplifies why RCS is a terrible protocol that ought not exist, and why it’s a mistake that Apple is adding support for it to iOS 18 this year.

The pro-RCS argument is that it improves upon SMS by adding support for much larger image and video attachments, as well as niceties like typing indicators. It really is just like SMS but better, which makes it seem, on the surface, like a no-brainer that all cell phone platforms should support it. In this view, the only justification for Apple’s yearslong refusal to support RCS was to maintain a maximum feature gap between iMessage (which, famously, is exclusive to Apple’s devices) and carrier-based messaging. In day-to-day use people can’t see that iMessage is fully end-to-end encrypted, but everyone can plainly see that images and videos sent over SMS/MMS look like shit. So it looks like nothing but pure spite that Apple refused, for years, to support RCS.

But the argument against RCS is strong and simple: it doesn’t support end-to-end encryption. The only new messaging platforms that should gain any traction are those that not only support E2EE, but that require it. Messaging and audio/video calls should only work through E2EE. That’s true for iMessage and FaceTime.

SMS and traditional telephone voice calls lack any encryption at all, but they’re firmly established. Just like email. But anything new should only be supported if it’s fundamentally based on E2EE. The RCS spec offers no message encryption at all. Google has implemented its own encryption for RCS, but, that’s a proprietary implementation that only works for messages sent between users who are all using Google’s own Messages app. From Google’s “Messages End-to-End Encryption Overview”:

In order to store and exchange user public keys like identity keys and prekeys, we need to have a central key server. Unlike the RCS messaging servers, the key server is currently only hosted by Google.

Perhaps, someday, the RCS spec will support an open standard for E2EE. I’m not holding my breath for that. For one thing, industry consortiums tend not to produce good solutions to hard problems, and an open standard for E2EE messaging is a very hard problem. Maybe impossible. Someone has to handle key exchange and management, but who would that be in an open standard? Then there’s the politics: law enforcement agencies the world over will pressure carriers against that. As I reported back in February, the primary reason Apple changed course on supporting RCS is that it’s mandated in China. The Chinese government surely loves RCS because it isn’t encrypted.

That’s not unique to China or other authoritarian dictatorships. Even in the West, law enforcement and spy agencies love the fact that telephone voice calls and cellular text messages are unencrypted. We don’t know how much they record and keep, but it’s a known fact that the NSA has black boxes installed at the carriers’ call centers, and the safest bet is that they record and store all of it. But even if you trust law enforcement agencies to handle this sensitive data securely, it’s clear, from this latest data breach alone, that the carriers themselves cannot be trusted. They’re inept. They always have been inept. And my money says they always will be.

But even if, somehow, a future version of the RCS spec supports E2EE, what about older devices that only support today’s non-encrypted version of RCS? Even if RCS eventually supports E2EE — which, again, I doubt — such support will surely be optional, not mandatory, because RCS has already shipped and is in widespread use on Android without encryption. That’s why messaging platforms should be built around E2EE from the start. It’s difficult to mandate E2EE on a platform that already supports unencrypted messaging. RCS should have been exclusively E2EE; instead, the standard offers no encryption at all.

Carrier-based messaging was best left as a legacy protocol. SMS wasn’t dying, but it was slowly fading away, and should have been left for things like automated “your table is ready” notifications from restaurants. RCS is just going to give carrier-based messaging new legs that it shouldn’t have gotten.

Another thing that sucks about carrier-based messaging is that it requires a device with an active SIM card from a carrier. Yes, you can send and receive SMS from a Mac or iPad with Text Message Forwarding, but you need the iPhone to do the forwarding. If you power down (or worse, lose) your iPhone, your Mac and iPad will no longer be able to send or receive SMS messages — and I presume that will be true for RCS as well. Whereas with modern messaging platforms like iMessage, Signal, and WhatsApp, devices like PCs and tablets can serve as clients without a phone.1

There is, admittedly, a good argument in favor of RCS. Basically, that phone carrier messaging is now and always will be a universally accessible form of communication. Everyone who is online has a cell phone, and those phones can all send and receive SMS. Because carrier-based messaging isn’t going away, this argument goes, it ought to be made as good as possible, and RCS — despite its deficiencies — is clearly better than SMS. Therefore RCS ought to be supported by all mobile devices, including iOS. Here’s Andy Ihnatko, in a discussion with me on Threads back in November:

Carrier-based messaging on a pre-installed messaging app might seem irrelevant to many of us. But it serves and suffices. And the process of discovery, selection, and installation of a different service — and getting your entire social circle on board with it — is deathly for so many people.

“If I know their phone number, I can send them a message or a photo” is a world-beater of a feature for the average user. This is why such apps should be as muscular as feasibly possible.

Ihnatko is right, but only if you believe that carrier-based message should remain the baseline. I do not. And it’s also a U.S.-centric viewpoint. In most countries around the world, platforms like WhatsApp, Line, or Facebook Messenger serve that role, as the baseline “everyone has it” messaging platform — and they’re better for it. I prefer iMessage, personally, for multiple reasons, but iMessage is fundamentally limited from serving that “everyone has it” baseline role by Apple’s decision not to ship an Android client. Eddy Cue doesn’t lose many arguments but he lost that one. All of the effort spent pushing Apple to support RCS would have been better spent pushing Apple to ship iMessage for Android. And without a supported iMessage client for Android, that role ought to go to WhatsApp, not RCS. WhatsApp is free, secure, and works equally well on all phones.

Meta knows this, and clearly smells the opportunity. Does Apple?


  1. Two notes on this. First: security researcher Tommy Mysk recently publicized some serious issues with how Signal’s Mac client stores data locally, especially the fact that it stores its encryption key in a plain text file readable by any app on your Mac. This is not a defect in the Signal protocol, which is fully end-to-end encrypted, and arguably the gold standard for privacy. The problem with Signal’s desktop apps is that they’re storing information locally, without protection, outside the endpoints of “E2EE”. As Mysk proved, you can just copy Signal’s data folder from one Mac (that is properly signed into Signal) to another Mac (say, an attacker’s machine) and that second machine will be able to send and receive messages without the user being able to detect that an unauthorized machine has access to their account. Signal claims to be addressing this flaw in a future version now in beta testing.

    Second: Meta’s companywide aversion to developing native iPad apps includes WhatsApp. At least with Threads and Instagram, they allow the iPhone apps to run on iPadOS in letterboxed compatibility mode. But as you can see in this screenshot (which also shows how the lack of a proper native iPad client for WhatsApp has created a cottage industry of sketchy third-party apps in the App Store that are presenting themselves as WhatsApp clients), the iPhone WhatsApp client can’t even be installed on an iPad. This is so irritating. Meta does have proper native iPad versions of the blue Facebook app and Messenger, so I suppose there’s hope they’ll ship a proper WhatsApp client for iPad eventually. ↩︎

Read the whole story
chrisrosa
4 days ago
reply
San Francisco, CA
Share this story
Delete

The best free data recovery software we recommend using

1 Comment
We compare the top free data recovery software for your PC and Mac to help you pick which is best to help restore your lost files.

Read the whole story
chrisrosa
24 days ago
reply
If the data matters, don't do this.
San Francisco, CA
Share this story
Delete

“Anomaly” Under The Great Pyramids Deepen The Mystery That Surrounds Them

1 Share
Source: Wiley, Online Library

Source: Wiley, Online Library

The great pyramids of Giza are one of the world’s most enduring mysteries. We know a lot about them at this point, but not everything, and I imagine some believe we’ll never learn it all.

Especially when more mysteries, like an “anomaly” detected beneath them, keep popping up.

A team of researchers from Egypt and Japan were using ground penetrating radar and a technique known as electrical resistivity tomography (ERT) when they discovered two underground structures below a cemetery on the west side of the Great Pyramid.

They’re not sure what, but something is buried below the pyramidal tombs.

A study was published in Archaeological Prospection states the structures appear to be stacked atop one another. The shallowest is L-shaped and around 6 feet underground, measuring 33×49 feet.

Source: Wiley, Online Library

The lower structure is smaller, with an area of 33×33 feet, but is around 33 feet below the surface.

The Western Cemetery, the site of the discovery, has always been part of the bigger mystery. The area that’s flat and empty has always led people to wonder if something might be buried beneath it.

Source: Wiley, Online Library

The distinct shapes of the anomalies means they’re almost certainly human-made, but until they can excavate, there are only guesses as to what might be down there.

“We believe that the continuity of the shallow structure and the deep large structure is important.”

We’ll all stay tuned for more information.

Although if you ask me, we’ll likely just find more questions.

If you thought that was interesting, you might like to read about the mysterious “pyramids” discovered in Antarctica. What are they?

Read the whole story
chrisrosa
25 days ago
reply
San Francisco, CA
Share this story
Delete

There’s Something Strange Happening With The Y Chromosome As Scientists Observe That It’s Shrinking In Size

1 Share
Source: Shutterstock

Source: Shutterstock

It’s no secret that the concept of gender has been at the forefront of societies mind over the past several years.

And while many believe it’s nothing more than a construct, most can see that there are typical male and typical female traits in a majority of people, while admitting there is plenty of room for outliers on both sides.

Now, scientists say the Y chromosome – the one that determines a male baby’s biological traits at birth – is changing.

This is leading some to wonder whether or not it could ever disappear altogether.

Most human beings are born with 23 pairs of chromosomes, and one of these pairs is either XX or XY.

The Y chromosome contains a gene called SRY, which triggers the development of testes, but isn’t the only thing that determines a person’s biology.

The Y chromosome is smaller than the X, and while the latter has remained stable since chromosomes that express female or male biological traits first evolved in mammals around 180 million years ago, the Y has shrunk.

It’s about a third of the size of the X chromosome and contains just 106 protein-coding genes compared to X’s 900.

Researchers think the reason for this shrinking is down to the body’s attempt to ensure genetic variation and to avoid passing mutations onto offsprings.

shutterstock 2308656957 Theres Something Strange Happening With The Y Chromosome As Scientists Observe That Its Shrinking In Size

The process is called meiosis.

Meiosis is when spermatozoa and egg cells are created and pairs of chromosomes swap bits of their arms. Y can’t swap, though, so is left paired with its own mutations – mutations evolution would like to eradicate according to Dr. Jennifer Hughes.

“The X is fine because in females it gets to recombine with the other X but the Y never gets to recombine over almost its entire length, and shutting down that recombination has left the Y vulnerable to all these degenerative forces, which is why we’re left with the Y we have today.”

But while it’s not impossible to think the Y might disappear altogether, a 2012 study found that it had only lost one gene in the 25 million years since humans and rhesus monkeys diverged, and not one since we diverged from chimps.

Another study found that Y chromosomes have developed structural changes that help protect it against degradation.

“The Y is not going anywhere and gene loss has probably come to a halt. We can’t rule out the possibility it could happen another time, but the genes which are left on the Y are here to stay.”

Even if the Y chromosome did disappear, experts say that doesn’t mean the male population would go with it.

Source: Shutterstock

There are many genes involved with development that are found on other chromosomes, including SOX9, which plays a critical role. It, or another, could potentially take over the Y chromosome’s role in the process, as researchers have seen happen in the Amami spiny rat.

In the end, most experts believe that the evolutionary process is so slow that this is unlikely to be an issue for human beings as long as they populate the Earth.

So that’s comforting, at least.

If you squint.

Read the whole story
chrisrosa
25 days ago
reply
San Francisco, CA
Share this story
Delete

Jennicam, The Internet's First E-Girl Lifestreamer, Walked In 1997 So Belle Delphine Could Run

1 Comment
Jennicam-2

JenniCam is an internet legend who remade the game.

Read the whole story
chrisrosa
26 days ago
reply
I had totally forgotten about this bit of web history.
San Francisco, CA
Share this story
Delete

Xgrid lives -- a new project resurrects the promise of Apple's dead clustering software

1 Comment
Evoking the old Xgrid days, a new project connects Mac Studios together with Thunderbolt cables, and uses them in tandem for massively parallel computing tasks.

Two stacked, silver Mac Studios, sitting on a white surface. Blurred background features a brick wall and a sign.
If you have two Mac Studios, maybe you can cluster them

A very long time ago, I was involved in cluster computing, and assisted with a few Mac-centric cluster builds in Virginia. Near the end of Xgrid availability from Apple, I also built an Xgrid cluster using beige G3 motherboards. You know, just because I could.

While the corporate- and federally-funded Xgrids were pretty good, the self-build projects were pretty janky, and fragile hacks. Apple's Xgrid worked very well in extremely specific circumstances, but very poorly outside of those scenarios.


Continue Reading on AppleInsider | Discuss on our Forums
Read the whole story
chrisrosa
33 days ago
reply
Neat.
San Francisco, CA
Share this story
Delete
Next Page of Stories