Of course carrier-based RCS services have lawful intercept features. Governments wouldn't let carriers message people through their infrastructure without it.
However, if all the message contents are encrypted, they can only map out who's talking to who when from where (which is most of what they probably want anyway), but the files and message contents are unreadable without having a copy of the key storage of one of the recipients.
The encryption method used, MLS, seems pretty solid. It's based on Signal's ratcheting encryption mechanisms but for groups without exchanging tons of keys. Google has been using it with RCS for a while (though I believe they used plain old Signal's protocol for 1-on-1 messages). Now that MLS is part of the GSM spec, I expect their messenger to switch to the open standard instead.
This has nothing to do with caving. It’s always been about not supporting a proprietary standard for E2EE. GSMA dragged their feet so long, and this is just Apple announcing they’ll support the standardized method… which everyone would in theory assuming Google doesn’t keep their proprietary RCS stack.
Google's proprietary RCS stack seems to be pretty much what the new spec seems to be. Furthermore, their RCS server seems to be the most popular RCS server for carriers to buy.
Good on Apple for demanding the E2EE spec to be part of the official spec, but I don't think Google will need to do much different. I'm surprised they actually added it given it directly opposes the goals of the government parties that want to wiretap conversations.
So, since Apple is caving I'm guessing this means there is lawful intercept built into RCS and this is their escape hatch?
Of course carrier-based RCS services have lawful intercept features. Governments wouldn't let carriers message people through their infrastructure without it.
However, if all the message contents are encrypted, they can only map out who's talking to who when from where (which is most of what they probably want anyway), but the files and message contents are unreadable without having a copy of the key storage of one of the recipients.
The encryption method used, MLS, seems pretty solid. It's based on Signal's ratcheting encryption mechanisms but for groups without exchanging tons of keys. Google has been using it with RCS for a while (though I believe they used plain old Signal's protocol for 1-on-1 messages). Now that MLS is part of the GSM spec, I expect their messenger to switch to the open standard instead.
This has nothing to do with caving. It’s always been about not supporting a proprietary standard for E2EE. GSMA dragged their feet so long, and this is just Apple announcing they’ll support the standardized method… which everyone would in theory assuming Google doesn’t keep their proprietary RCS stack.
Google's proprietary RCS stack seems to be pretty much what the new spec seems to be. Furthermore, their RCS server seems to be the most popular RCS server for carriers to buy.
Good on Apple for demanding the E2EE spec to be part of the official spec, but I don't think Google will need to do much different. I'm surprised they actually added it given it directly opposes the goals of the government parties that want to wiretap conversations.