🚒 iPhone vs Android 🚒

Round 394!

ok but in all seriousness, let’s say I want to send some SMS/RCS using my cell, but I want to do that from the computer… should be feasible?

iPhone’s iMessage: “we love our walled garden so much that NO ONE can send messages using a web interface, despite iMessage being an iCloud enabled app and the ecosystem having iCloud apps available online to any non-Mac – but we decided that iMessage alone should never be usable on the iCloud web interface (because reasons?)”

Android via Messages App: “sure thing fellow Happy Camper! here you go! https://messages.google.com and it’s just as secure as using the device itself.”

Best part… Android’s method WORKS ON FREEBSD!

#noFlameWarNeeded #iPhone #Android #mobileDevices #FreeBSD #Linux #Apple

  • 💞 eva 💞@mastodon.bsd.cafeOP
    link
    fedilink
    arrow-up
    1
    ·
    5 days ago

    @[email protected] for sure, and that is a present concern for RCS protocol, which is sorta lenient from the carrier perspective. it comes as only a minor surprise that they (cell phone / teleco) wouldn’t want to get into the encrypted traffic side of the engineering – otherwise:

    1. they would likely argue for a backdoor
    2. they would likely wedge deep packet inspection provisions
    3. they never want to do anything for free
    4. they would bicker amongst themselves and turn it into vaporware

    telco cannot be trusted for end-user security, so the implementation of RCS (as you mentioned) really matters quite a lot. My primary annoyance with iOS in this regard is that they’ve refused to implement AES or TLS or anything else on top of their RCS stack, but at least in this scenario it’s usable from a browser regardless.

    • gyptazy@mastodon.gyptazy.com
      link
      fedilink
      arrow-up
      1
      ·
      5 days ago

      @[email protected] One reason for “Telcos cannot be trusted” is being forced to assist lawful interceptions. And back in the days where SMS has been frequently been used on the SS7 protocol via UCP and SMPP, every hop could read everything in plaintext (still today). However, e2ee with vendor pre-generated keys (e.g. IMessage) isn’t really better - you can never be sure that not somehow an additional key for encryption got created. People may now say use opensource and right, this might be better…