🚒 iPhone vs Android 🚒

Round 394!

ok but in all seriousness, let’s say I want to send some SMS/RCS using my cell, but I want to do that from the computer… should be feasible?

iPhone’s iMessage: “we love our walled garden so much that NO ONE can send messages using a web interface, despite iMessage being an iCloud enabled app and the ecosystem having iCloud apps available online to any non-Mac – but we decided that iMessage alone should never be usable on the iCloud web interface (because reasons?)”

Android via Messages App: “sure thing fellow Happy Camper! here you go! https://messages.google.com and it’s just as secure as using the device itself.”

Best part… Android’s method WORKS ON FREEBSD!

#noFlameWarNeeded #iPhone #Android #mobileDevices #FreeBSD #Linux #Apple

  • shac ron ₪‎@ioc.exchange
    link
    fedilink
    arrow-up
    3
    ·
    12 days ago

    @[email protected] If you can view your iMessage messages on the web it means that Apple has your encryption keys. That would entirely defeat end to end encryption. And when a government agency comes to Apple to get a copy of your messages, they would have to surrender them, something they cannot do today.

  • gyptazy@mastodon.gyptazy.com
    link
    fedilink
    arrow-up
    1
    ·
    9 days ago

    @[email protected] keep in mind, that it isn’t always e2e encrypted on Android (not for SMS and for RCS it depends on the used mobile ISPs gateway implementation (if not jibe) and on the remote devices. So, depends of this is really a pro instead of cons on the point of view.

    • 💞 eva 💞@mastodon.bsd.cafeOP
      link
      fedilink
      arrow-up
      1
      ·
      8 days ago

      @[email protected] for sure, and that is a present concern for RCS protocol, which is sorta lenient from the carrier perspective. it comes as only a minor surprise that they (cell phone / teleco) wouldn’t want to get into the encrypted traffic side of the engineering – otherwise:

      1. they would likely argue for a backdoor
      2. they would likely wedge deep packet inspection provisions
      3. they never want to do anything for free
      4. they would bicker amongst themselves and turn it into vaporware

      telco cannot be trusted for end-user security, so the implementation of RCS (as you mentioned) really matters quite a lot. My primary annoyance with iOS in this regard is that they’ve refused to implement AES or TLS or anything else on top of their RCS stack, but at least in this scenario it’s usable from a browser regardless.

      • gyptazy@mastodon.gyptazy.com
        link
        fedilink
        arrow-up
        1
        ·
        8 days ago

        @[email protected] One reason for “Telcos cannot be trusted” is being forced to assist lawful interceptions. And back in the days where SMS has been frequently been used on the SS7 protocol via UCP and SMPP, every hop could read everything in plaintext (still today). However, e2ee with vendor pre-generated keys (e.g. IMessage) isn’t really better - you can never be sure that not somehow an additional key for encryption got created. People may now say use opensource and right, this might be better…