Keeping your chats secure is a good idea, but end-to-end encryption is just the beginning of the list of options to consider when picking a messaging app.
  • ᗪᗩᗰᑎ@sh.itjust.works
    42·
    5 days ago

    RCS still leaks metadata like a sieve. Encryption, considering the platforms that exist today (Signal and SimpleX), should not be the minimum requirement. Plain-text messaging should not even be possible in modern secure messaging platforms. The platform should be open source and be engineered to mitigate the collection of metadata - like Signal and SimpleX.

    • 9tr6gyp3@lemmy.world
      2·
      5 days ago

      Seeing as RCS with encryption based on the MLS standard hasnt been deployed yet, can you show exactly what metadata is leaking?

      • ᗪᗩᗰᑎ@sh.itjust.works
        2·
        4 days ago

        MLS only deals with encryption and key management, which is great but that’s been a “solved” problem since TextSecure (now Signal) introduced the TextSecure Protocol (now the Signal Protocol) in 2013.

        What I’m aware is missing with RCS / MLS compared to Signal (someone with more recent knowledge please correct me):

        • Sealed sender so only the recipient knows who sent the message.
        • Not storing metadata or logs.
        • No built in crash reports.
        • Private contact discovery.
        • Published government requests providing evidence that they don’t have any data.
        • Open source client.
        • Looking at the Google Play store, Google’s Messenger shares precise location data with third parties, Signal doesn’t.
        • Also on the Google Play store, Google’s Messenger app list a lot of data collected. Signal only lists phone number.
      • poVoq@slrpnk.net
        2·
        4 days ago

        Well, instead of leaking metadata to Signal, AWS, Cloudflare, Google/Apple and your ISP, like Signal does, RCS only leaks it to your ISP /s