While iPhone-to-iPhone (iMessage) and Android-to-Android (Google Messages) communications are encrypted, cross-platform messaging (i.e., between iPhones and Androids) lacks end-to-end encryption (E2EE). This vulnerability is especially concerning amid ongoing large-scale cyberattacks attributed to China (Salt Typhoon group).
Recommendations from the FBI and CISA
- Use Encrypted Messaging Apps:
- Platforms like Signal and WhatsApp offer full E2EE for both messaging and calls, making them preferable for cross-platform communications.
- Avoid RCS for Now:
- While RCS (Rich Communication Services) is a successor to SMS with some advanced features, it lacks E2EE for cross-platform communication.
- General Encryption Advice:
- Encryption is advised for all communication types, including messaging and voice calls.
The Backdrop
- Ongoing Hacks: Chinese-linked cyberattacks have highlighted vulnerabilities in U.S. communication networks, reinforcing the importance of encrypted communication to prevent data interception.
- Tech Industry Gaps: Google and Apple, while supporting encryption within their ecosystems, have yet to implement it for RCS across platforms.
| Platform | Encryption | Additional Features |
|---|---|---|
| Signal | Full E2EE | Encrypted messaging, voice, and video calls. |
| Full E2EE | Widely used, cross-platform support. | |
| Facebook Messenger | Full E2EE (optional) | Recent E2EE integration for messaging. |
What to Do
- Switch to Fully Encrypted Platforms:
- Default to apps like Signal or WhatsApp for all communications.
- Avoid Cross-Platform RCS Messaging:
- Stick to E2EE options until RCS implements encryption.
- Update Devices and Apps:
- Regular updates help ensure maximum security.
With Apple’s upcoming iOS 18.2 update allowing users to change their default messenger, this is an opportunity to prioritize secure messaging platforms. Until RCS catches up with encryption, reliance on WhatsApp, Signal, or similar platforms remains the best way to ensure privacy and security.
