Apple will soon support encrypted RCS messaging with Android users

Original Article ↗ Hacker News Discussion ↗

Scope of the Announcement

  • Thread distinguishes two milestones:
    • Earlier: “RCS is coming to iPhone.”
    • Now: standardized E2EE added to GSMA RCS, with Apple saying it will support that.
  • Many argue the real news is the GSMA E2EE spec (based on MLS / RFC 9420), not Apple alone.

How Encryption and Keys Might Work

  • Core open question: when you send to a phone number, who provides the public key and runs the key infrastructure?
  • iMessage uses Apple-run key servers with device attestation; Google’s RCS E2EE similarly centralizes key exchange and restricts it to Google Messages.
  • For cross-platform RCS, participants debate:
    • Whether there will be new, shared key infrastructure.
    • Whether carriers or Google will effectively control this.
    • Whether this remains “server-heavy” rather than Signal-style but multi-vendor.

Google’s Role and Openness

  • Strong criticism that Google’s earlier E2EE RCS was de facto proprietary:
    • Only Google Messages allowed to use the key servers.
    • No public, implementable spec; third‑party clients effectively blocked.
  • Some note Google is migrating toward the new GSMA/MLS standard, and Apple likely waited for that instead of adopting Google’s ad‑hoc scheme.

User Experience, Bubbles, and Regional Norms

  • General expectation that iOS will still distinguish iMessage (blue) vs RCS/SMS (green), even if both are encrypted:
    • Branding, different feature sets, and blame-clarity for failures in mixed groups.
  • Debate over whether “green bubble” stigma is about color, features, or perceived status; largely a US/North America issue.
  • Outside North America, SMS/RCS is often marginal; WhatsApp/Telegram/WeChat/etc dominate.

Carriers, Spam, and Costs

  • RCS is positioned as an SMS/MMS successor; carriers and GSMA historically resisted E2EE and favored interceptability and billing.
  • Concerns:
    • Business RCS used for rich-media spam and ads (India cited).
    • Potential return to per‑message charging if carriers control more of the stack.
  • Some note RCS remains tied to telco infrastructure and, in practice, heavily to Google’s Jibe backend.

Protocol Critiques and Privacy Concerns

  • Multiple commenters prefer Signal/Matrix/XMPP-style open, multi-device systems.
  • RCS is criticized as:
    • Phone‑number–bound, single‑device, hard for third parties to implement, and effectively centralized via carriers/Google.
  • A spec clause requiring clients to “detect suspicious messages” is flagged as risky:
    • Could mean on‑device spam/CSAM scanning, or could be a wedge for more intrusive scanning depending on implementations.