TL;DR
- Users who have rooted their phone, have their bootloader unlocked or are using some custom ROMs report that their RCS messages are not being sent, even though RCS shows them as connected.
- The Google Messages app does not show any error messages when blocking RCS messages of these users and does not send the messages out as SMS or MMS either.
- Google famously campaigned for Apple to include RCS messaging in iMessage but is now blocking it for certain Android users.
Google are so needlessly hostile to people that root, what the fuck does sending messages have to do with having elevated permissions on a phone?!
The hostility towards custom ROM in general, is what forced me to root. Initially I used LineageOs without root. However, that got me in to issues with various apps, due to not passing safety net. So now I use magisk to hide that I use a custom ROM. So, they basically forced me to root.
Google is probably trying to get around the cardinal rule of network security: you can’t trust the client.
Their RCS client probably doesn’t make sending a huge volume of messages (i.e. spam) easy, and more automation is possible with root. Yes, it’s stupid, but it’s not completely without purpose.
This is really it. Plus not everyone who roots (or, rather, everyone with a rooted phone) fully understands the security implications of running as root. I’d assume that since their implementation of end to end encryption must require a device-side key pair, and I’d wager that it’s pretty trivial to obtain private keys once you’ve obtained control of a rooted phone. For an adversary, this is a serious threat to the users privacy and security.
This is just one example. I’m sure it’s incredibly difficult to make a platform that you market as secure and private when your users have full control of the system that the application is running on. It’s a never ending cat and mouse game where the device user (whether “intended use” or not) has the upper-hand most of the time.
Not being a total Google apologist here though. They should have made it quite clear that they were blocking messages, and why. Not doing at least that, is inexcusable.
I’m a hardliner when it comes to user control of their own devices, so I’m not going to agree with Google’s behavior here even if it, on average results in a benefit to users.
I don’t think it provides a net benefit to users though. I think Google wants to be lazy about building spam-mitigation solutions, and wouldn’t be sad if it results in fewer users blocking ads and tracking. If Google was positioning its RCS client as a hardcore security product, maybe it should warn both sides of the conversations that there’s a risk of compromise, but even Signal, which is far more dedicated to security doesn’t do that.
Zero-click exploits are a more common attack vector than modified operating systems in the real world, and I’d be willing to wager my up-to-date LineageOS install is less vulnerable to them than the average person’s phone.
God, it’s like they don’t want RCS to succeed.
RCS is just stupid. When I was still building phones a decade ago we had some operators ask for it - but after reading the standards decided to just ignore it and hope it passes. Pretty much everybody did that, until google got interested - presumably because they figured it’d be a good way to get control of messaging on a lower level. As that’s exactly what RCS is: control of messaging, and ideally the option to charge for it, just like SMS and MMS before that.
What’s really bizarre is that Google had the chance to be a dominant player in messaging when they made Hangouts the default SMS client on Android. Instead, they backpedaled and let Hangouts wither into obscurity. I’m mostly glad they screwed that up, but also puzzled.
Hangouts was the best thing going for a while there. Of course they had to goog it up.
Hangouts/Google Talk was great when they had federation and allowed 3rd party clients. After they locked that it went to shit.
I miss the golden age when we had AIM, ICQ, or GoogleTalk, etc all on the client of our choosing.
I think after XMPP, Google Talk, Wave, Hangouts, Allo, etc… people should know better than to adopt a messaging service from Google.
Yes, I know RCS is theoretically an open standard, but if Google can keep me from using it, it effectively belongs to Google.
XMPP is not from Google. They just successfully pulled an EEE.
XMPP was ok for its time
Not only for its time! While flawed, I still see it as probably the best middle ground for messaging. It has evolved since then, its servers are easy to host and it has a variety of clients that support e2e.
It’s apparently the Google Messages app, not Android itself. Good to know.
it’s the only OEM-independent, RCS-compatible app for now, so it’s not like you can work around it by installing another client.
It suggests that apps without this problem can be developed, which means more paths to a workaround than if we had to modify the operating system.
Sure but specifically with RCS, Google has to allow devs to use it in their apps. And they won’t.
How is Google going to stop them?
Forbidding an app from the Play Store is unlikely to stop these users, who already use rooted devices and custom ROMs. They’ll just get an app from their ROM provider, F-Droid, or elsewhere.
Does RCS depend on Google services integrated with the mobile network operator? If Google tried to use that position to forbid alternative apps, it would seem likely to run afoul of the Digital Markets Act.
I don’t know a lot about RCS specifically, though. Is there another issue I haven’t considered?
Using RCS requires low level access to phone’s modem. You won’t get it on Android. Google is bypassing it’s own restriction by using proxy servers while having the deal with phone operators.
