Tuesday, 30 May 2023 14:17

The Google Way to Break Encryption in RCS by Forcing AI


Google has been very interested in pushing a new standard for messaging, Rich Communication Services (RCS). RCS started in 2007 as a new way to make “texting” more functional and complete. This included things like read receipts, response indicators (typing icon) and more. It was a way to put standard Android messaging services on par with apps like Signal, WhatsApp, and Telegram. In and of itself it is a great feature and one that enhances standard SMS and MMS functionality. Along the journey Google and others started to add end-to-end encryption as a way of protecting the message content (which was a core component of RCS).

Apple had their own standard with iMessage, and while it might not have been as advanced as Google’s offering, it was still very close and not a terrible version. In fact, I believe the only big gap was not showing the source number in messages, which Apple fixed very quickly. I have other issues with Apple and the iOS platform besides iMessages, but in this case it is not a bad system. That has not stopped Google from pushing RCS on Apple and Apple users though. They would love nothing more than to have this be the de facto standard for any and all messaging. Of course, this is also normal for businesses, so I cannot really fault Google here, especially in a market where Apple has tried to litigate their way to market dominance (and let’s not mention the closed ecosystem of most Apple services).

But there is a new reason for Apple not to support Google’s RCS, and that reason is AI. This new AI feature is called Magic Compose. It is one of those Generative AI functions that we recently told you were vulnerable to indirect prompt-injection attacks. It also happens to break end-to-end encryption, as it has to send messages back to Google servers to work. Up to 20 previous messages are sent to Google servers when you use this feature, which was shoved into a place where it was not needed. These messages are sent because Magic Compose cannot run on your device. Your phone does not have the power or storage space to run a Generative AI locally. That means data must be sent to the cloud to perform this function. There is no end-to-end encryption at that point, as the message is relayed outside of the connection to the recipient.

The other side of this is the massive privacy implications in this move by Google. I would not really consider Google a good steward of personal information, and the many lawsuits and fines that they have been hit with support this concern. For them to now implicitly say they are capturing the content of the last 20 messages is a concerning item. I do not care if Google says they do not store the messages or use them to train the AI; they are sent there and are available to Google. There is also the line about them being used to make suggestions. If this is not teaching the AI, I do not know what is.

The good news, right now, is that this feature is optional. It is not enabled, and you can check to make sure it is off, or simply use another messaging service if you are concerned about the privacy of your conversations. The downside is that more and more of the third-party messaging services are moving away from supporting general SMS and MMS conversations. Signal recently removed that option from their services, so you are left with needing two apps for messaging or hoping all of your friends will move to your favorite app. Still, this move from Google is troubling. It is not beyond imagination that Google will switch Magic Compose on by default and leave you with no way to turn it off (like they did with wireless connections in Android Auto). Mobile devices are already vulnerable to attack and, thanks to the mad push for AI, they could be even more vulnerable in the future.
