Trust me, I push Signal hard and even donate to it monthly. As I’m sure many of you know, there are always a few contacts who unfortunately refuse to use it.
In this case: do you prefer to use insecure SMS in something like QUIK SMS or Fossify Messages, or do you prefer to bite the Google bullet to get end-to-end encrypted messages (even if the metadata isn’t encrypted)?
I can see good arguments for both sides, so I am curious what Lemmy’s take is.
I have a dumb question: what’s to stop someone from creating a GPG based front end for any kind of unencrypted SMS? It could encrypt as you send and decrypt as you receive. If two people have each other’s keys isn’t that end to end encryption? Why would you need to rely on something that the OS or carrier is providing?
RCS is harder for average criminals to snoop into.
Also if in the future bank verification codes use RCS, that makes it harder to get MITM’d
(cuz banks are stubborn as hell, they’d never allow 2fa apps)
I’d rather still have SMS verifications than the proprietary 2FA app mine has now
I seriously would not mind RCS if Google didn’t monopolize it.
I will be forever on MMS because I’ll never use Google’s crappy message app.
No one is sending anything substantial over SMS for me anyway, so it’s not an issue where I need an e2ee channel with someone who doesn’t have signal
What are you more worried about, third party, MitM interception (e.g. IMSI catcher) or Google knowing who you are communicating with? The former is technically harder for an attacker, but the use of such devices is well documented and poorly controlled. Google is, well Google. And you can expect them to monitize any bit of data they have on you. Also, that data will almost certainly be handed over to local law enforcement, especially if they have whatever the local equivalent of a warrant is.
As with most security, there are trade-offs. You have to decided what risks you are willing to accept and what you are not.
Personally, mostly concerned about surveillance capitalism and mass surveillance. But I pose this more as a hypothetical for what “you” (the average lemmy user) would think is the lesser of two evils
I absolutely cannot stand RCS. Here in the US all the carriers have given up implementing it themselves and instead offload it to Google — I’m not even an Android user! I have to explicitly unblock a bunch of Google domains for RCS to work.
E2E will be nice once it’s functional with iOS but I still loathe depending on Google.
Well, I don’t have Google Messages on my phone. And as far as I know there’s no open third-party implementation out there to do RCS?! That kind of messenging also isn’t part of AOSP …That means I’d obviously (need to) send and receive SMS.
Personally I hate both options, I’ve lucked out that most of my steady contacts use signal, currently I’d go with RCS especially as it’s supposed to get e2e encryption between iOS and Android. That said both options are rough, your carrier can read all your sms and Google gets all your metadata for RCS
Well if I only get those two options it’d be SMS because I don’t do anything interesting enough for a government to spy on, but Google would benefit in knowing my contacts.
But the real answer would be, I would not message that person anymore.
this is the way
SMS for uninteresting plain texts to a phone.
RCS for sending a picture over 1mb to a phone.
Email for common everything else.
Matrix\Element or other measaging clients for the uncommon everything else.
A second phone number or virtual SMS client like Google Voice for sensitive SMS 2FA.
Sadly, encrypted will always the be better option, even if proprietary.
RCS. Even with the added smart features, it’s still seen as a more secure alternative due to encryption and sender’s verification
i would just use sms/mms. it’s easier to manage (backups and stuff)
Neither.
SMS/texting is so fucking outdated. Why are ya’ll still attached to that stuff?Because it’s a universal communication standard. Quite literally every phone made in the last 30 years supports SMS. The hangup is the carrier. But pretty much every carrier, at least here in the USA, offers unlimited SMS.
Sounds like the usual “Because we have always done it that way and it works. I won’t just change!!!11 because some youngster found the next new fancy thingy”
Sarcasm aside, you really aren’t that far off. Unfortunately, we as enthusiasts don’t make the decisions - our own social networks (the concept, not the internet shitholes) do that for us. The vast majority of regular people don’t even realize you can use a different texting app, let alone a secure one that doesn’t rely on an insecure protocol (i.e. Signal). And then you have iPhone users who don’t realize that iMessage is a wholly separate thing from SMS. You can’t really expect those kinds of people to download 4 different messaging apps just to keep in contact with their peers.
Yes and no.
Yes I can expect that because outside of the US some already use WhatsApp and probably to some degree FB messenger. Threema, Signal are on the rise (I’ll exclude Telegram due to QAnon and several hard right to nazi-level groups happening there).Keep in mind that I am talking about Germany here. But I am very sure it’s on a similar rate elsewhere as well.
Why are ya’ll still attached to that stuff?
It comes with every phone and is the lowest common denominator.
So I can ask a recipient what messaging-app-de-jour they are using, and then install said app , or I have to convince them to use MY messaging-app-de-jour and get them to install it. All this has to happen outside preferred channels of communication, because we haven’t yet figured out what shared methods we can communicate with.
Orrrrr I could just send them a SMS and know that even if they are using the shittiest, most locked down non-free piece of crap phone possible, their phone will go 'bing! ’ and they will receive my message.
Occasionally I just use SMS for plain text like “Hey let’s hang out later”. I don’t use it for longer chats, sending Pictures or anything like that. I don’t care about RCS since I don’t use google services.
Recently I was looking for sms app for ios with PGP integration. Sadly didn’t find any. Was thinking to build one but rolling out to AppStore is too much of a hassle. RCS seems to be carrier dependent.
