• circuitfarmer@lemmy.sdf.org
    link
    fedilink
    English
    arrow-up
    11
    arrow-down
    2
    ·
    14 days ago

    You are missing my point.

    I don’t deny the definition of E2EE. What I question is whether or not RCS does in fact meet the standard.

    You provided a link from Google itself as verification. That is… not useful.

    Has there been an independent audit on RCS? Why or why not?

    • mosiacmango@lemm.ee
      link
      fedilink
      English
      arrow-up
      6
      arrow-down
      7
      ·
      edit-2
      14 days ago

      Not that I can find. Can you post Signals most recent independent audit?

      Many of these orgs don’t post public audits like this. Its not common, even for the open source players like Signal.

      What we do have is a megacorp stating its technical implementation extremely explicitly for a well defined security protocol, for a service meant to directly compete with iMessage. If they are violating that, it opens them up to huge legal liability and reputational harm. Neither of these is worth data mining this specific service.