Tuesday, June 22, 2021

Google Messages Adds End-to-End Encryption

Abner Li (via Hacker News):

Back in November, Google announced that it would start testing end-to-end encryption in Messages for Android. After being limited to the beta channel, E2EE is now rolling out to all stable users.

With end-to-end encryption enabled, Google or other third parties cannot read the contents (text and media) of your RCS chats as it’s in transit between the sender and receiver. Google is using the Signal Protocol and offers a technical paper with more details. 

Google:

Messages also uses this central database to include SMS and RCS messages in Android system backup, so messages can be transferred to a new client or device. Starting from Android version P, the Android system backup is end-to-end encrypted with a secret key derived from the user’s lock screen PIN/pattern/passcode so Google servers can’t access it.

Previously:

Update (2021-06-29): Chaim Gartenberg:

Over the past 15 years, Google has introduced more than a dozen messaging services spanning text, voice, and video calling.

[…]

Here’s a breakdown of Google’s major messaging offerings over the years, with currently active services in bold[…]

Via Nick Heer:

I would love to know the inside story of why there are so many disjointed and failed attempts to launch such a seemingly straightforward platform-level feature.

John Gruber:

My first thought was that this exemplified my argument the other day about Google’s lack of institutional focus. But it sort of works against my argument that Sundar Pichai is shepherding Google in a more focused direction — a bunch of these false steps in messaging were under his leadership.

Update (2021-07-26): Juli Clover:

Verizon today announced that it is planning to adopt Messages by Google as its default messaging service on Android devices, joining AT&T and T-Mobile. That means all three major carriers in the United States will support the RCS standard on Android devices as of 2022.

6 Comments RSS · Twitter

This is huge actually. Not only messaging is E2E but also the backups. My only wish, if these messaging platforms were interoperable. Even on Android, RCS only kind of worked cross devices and networks unless you standardized on a single messaging system (because of incompatibilities in implemented profiles). Right now I can RCS message with text and media to my friend using LG Messages from my Android device using Google Messages, but he cannot send media back to me, only text (unless he switches back to SMS/MMS). iOS users are of course left out because Apple will not implement RCS at all, which is frustrating. Especially since Google's implementation might actually be better for privacy/security when compared to iMessages.

No worries; Google will find a way to kill Google Messages in favor of a different app.

@Kevin Schumacher
Google Messages is using RCS, so it shouldn't be flatlining since nearly every phone released in the last few years with Google Messages can have RCS enabled by clicking a single setting. The carriers failed, so Google literally stepped in and said, "Just use Google Messages and have RCS."

The real problem is RCS end to end encryption seems to be baked into the app, not the standard. Meaning, any RCS client should be able to tap into the E2E, but I'm pretty sure that's not true. But I need to do more research to be sure.

Again, this whole announcement about Google Messages is related to RCS chat.

@Sören
Normally I would agree or just laugh it off as the obvious joke (I have used so many failed Google messaging standards), but in this case, literally your phone would have no messaging app if Google bailed again. Yes, of course you could download another messaging app, but people are used to something that handles SMS/MMS (and now RCS).

Kevin Schumacher

@Nathan
Try as it might, Google cannot force the carriers to adopt RCS, especially in the US with Apple having both significant marketshare and zero interest in supporting it. The carriers formed a coalition in 2019 to implement RCS. This year, the coalition was dissolved having accomplished precisely nothing. The entire point of RCS is to replace SMS, which is going exactly nowhere without carrier support.

RCS without carrier support is WhatsApp (IOW an over-the-top messaging service), except WhatsApp has modern-day messaging features that users have come to expect.

The only way Google's RCS works is if both the sender and the recipient have a device that supports Google Messages and both have it turned on. So...more like iMessage, then, except for Android devices.

So Google has an iMessage clone implemented using RCS at this point (though given when the standard was created, it's years behind iMessage, as evidenced by the fact that e.g. they're having to implement E2EE as on top of it). That means precisely nothing for RCS itself. Google cannot singlehandedly replace SMS just by sheer force of will, even assuming they maintain interest in it long enough to try, which is by no means a given with them.

Google has taken the RCS standard and created an OTT messaging service with it. That's it. Everything else is irrelevant unless the carriers implement it on their side, too.

> but in this case, literally your phone would have no messaging app if Google bailed again

Something like that has never, ever stopped them before. How many messaging apps/platforms have they been through? (Google Messages is the ninth one, is the answer.) So they kill Google Messages and replace it with Google Type To Send Short Bits Of Text To Your Friends. Like they haven't been there literally eight times before.

@ Nathan:

> Normally I would agree or just laugh it off as the obvious joke (I have used so many failed Google messaging standards), but in this case, literally your phone would have no messaging app if Google bailed again. Yes, of course you could download another messaging app, but people are used to something that handles SMS/MMS (and now RCS).

Right, it's a joke, but AOSP does have a messaging app that I believe is distinct from Google Messages. They could simply go back to that. I'm not suggesting carriers stop shipping an SMS client (though, at some point ten, twenty years from now, that, too, might just happen).

Leave a Comment