Why should you stop using your Android messaging app
Android Messages finally offers an alternative to iMessage, so say it securities, at least. Ignore the irony that Apple’s messenger has never been so under fire, The reality is very different. If you are an Android user, you need to use something else.
Two parallel developments have catapulted Android Messages from a standard SMS client to an alternative to iMessage. First, Google is on the verge of completing the switch to RCS, which it has taken over from operators, upgrading the outdated but ubiquitous SMS – with major operators now on board, Android messages have become a default. And second, Google has finally added end-to-end encryption to its platform.
Android Messages with its RCS underpinnings serves a much larger user base than iMessage, but it also has the same basic problem. Where iMessage only works within Apple’s ecosystem, coming back to SMS outside of that, Android Messages is essentially the same. Yes, RCS is a near-industry standard, but without Apple on board, that’s questionable.
More fundamentally, Android Messages doesn’t have the same end-to-end encryption as iMessage, far from it. Android messages only end-to-end encryption in 1: 1 chats where both users have the new RCS app on their Android phones. Unlike iMessage (or Signal or WhatsApp), this does not extend to groups or multiple devices for each user.
“Some users may assume that group chats are treated with the same protection and have end-to-end encryption by default,” warns Jake Moore of ESET. “But since that’s not the case, it’s important that people don’t put that risk aside, especially when more privacy-focused options are available. All communications should be handled with security concerns, no matter how trivial. “
Google confirmed to me this week that it still does not have a public date for an extension of its end-to-end encryption. This major security gap makes Android messages more like Facebook Messenger or Telegram, each of which allows for 1: 1 secret chats, but doesn’t not offer it for groups.
As Google itself puts it, “With end-to-end encryption, no one, including Google and third parties, can read eligible messages as they travel between your phone and the phone you send.” In this case, you would clearly only want to use an email platform that offers this level of security for ALL your messages.
iMessage and Signal already offer fully encrypted end-to-end messaging for groups and multiple devices. WhatsApp’s end-to-end encrypted solution for accessing multiple devices is now imminent – it already supports group encryption, of course.
Where Android Messages beats iMessage, however, is that its backup database is protected with end-to-end encryption, “so google servers cannot access it. “This is clearly very different from Apple’s infamous decision not to end-to-end encryption of iCloud backups, and unless Apple users change the default settings, Apple can access iMessages in iCloud.
There are three other reasons why you shouldn’t switch to Android messages by default. First, WhatsApp has a much larger user base on Android than on iPhone, and it’s also much more popular on Android than Android Messages, ironically. As such, WhatsApp is essentially a secure messenger by default for Android users. The platform owned by Facebook cannot be used as the default SMS platform on your phone, just like Facebook Messenger and Signal, but this is a minor obstacle.
WhatsApp is currently out of functionality, responding to the backlash of Facebook’s 2021 terms and conditions and the fury of the Apple privacy label with a series of critical improvements. Encrypted backups, multi-device access, messages that go missing, and single view media are all critical and they are all deployed or imminent.
Bar backups, which are not an option, Signal offers the same, of course, and is the default choice for most security professionals and cybersecurity savvy users. But WhatsApp’s security has a proven track record with over 2 billion users and over 100,000 billion messages, you can be sure that it will keep your content safe while possibly being on all your contacts’ phones.
The second problem is the lack of ephemeral or “missing” messages from Android Messages. Why would you want to store an archive of years of content on your phone and your contacts’ phones? Why take the risk that what you said or the photos or videos you sent years ago will come back to haunt you. This is not an option with Android messages.
Apple’s iMessage also doesn’t offer this feature, which is a good reason for Apple users to opt for WhatsApp or Signal instead—quite apart from the latest Pegasus news.
While the disappearance of messages is important for text, it is essential for images, whether it’s personal photos or videos taken in the heat of the moment or shared in a past relationship. We mature and change. Do you remember the pictures you sent to friends or former partners ten years ago? Are you sure nothing will come back to haunt you?
WhatsApp now offers ‘view once’ media, essentially adding Snapchat-like features to the app, so you can send a quick souvenir or a photo taken at a work party to make your coworkers laugh, without you. worry about this content being stored on multiple phones forever only to come back five years later.
The third major issue is specific to Android Messages and iMessage. Alleged attacks on Apple users through NSO’s Pegasus reportedly used iMessage and other Apple apps to target devices. There has clearly been a problem with applications that are sewn into an operating system with more risk than “on top”.
While WhatsApp itself was targeted by the NSO software, the platform has been very transparent about its efforts to stem future attacks and the need for the industry to do more, even criticizing the lack of transparency of Apple on iMessage Security.
The messaging war for users has become an opportunity for Apple and Google to flex their operating system muscles, pushing their own platforms to the detriment of others, recognizing the potential of owning these most popular platforms. stickers that connect each user to all of their social graphics. Just look at Apple’s iMessage innovations for iOS 15 and Google’s RCS takeover, and its drive to become the default messenger on Android devices.
Obviously, the more tightly integrated into an operating system, the more a messenger presents an attack surface to a potential attacker. My advice to users, both Apple and Android, is to use third-party messengers, in part for this reason.
The semi-encryption of Android messages is a solution to a problem that does not exist. Unlike iMessage, the Android ecosystem hasn’t grown around this app. And while I applaud Google for taking this extra security measure, users should stick to third-party platforms as their messengers of choice. Report, ideally, WhatsApp otherwise. If you want to enjoy the iMessage experience, with secure messages and unsecured SMS side by side, just select Signal as your default messaging app.
And so, no, Android Messages is NOT an iMessage equivalent, but iMessage isn’t particularly good at the moment either. Don’t be fooled by sticker packs and fancy features. Secure messaging is secure messaging, it’s that simple. You shouldn’t be using Facebook Messenger or Telegram, given their security and privacy gaps. And you shouldn’t be using Android messages either.