From what I understand with Apple’s fallback (or like Google’s Message app does), if RCS is sensed by the other non-iMessage user, then RCS will be used, if not right now it would still default back to text SMS but then lose some features like hi-res photos etc. Just don’t know how it will work for me where I am on iMessage on my iPad, but when out with my Android phone will the iMessage’s wait a week until I turn on my iPad again. Would be nice if there was a proper presence sensing, and it routes to there. That may be possible with RCS, but we won’t know how Apple plans to use it, and they are not going to want it to be as shiny and nice as sending an iMessage…

Certainly not now as a replacement but I understand that is the longer term intention. There is a lot of older infrastructure carriers need to unload and move on (lime dismantling 2G and 3G etc), and they often pay negotiated Inter-carrier fees. If it is to replace SMS I understand carriers can zero rate whatever data they want to, so it will be cheaper for them to not charge any data charges on RCS than to actually keep providing text SMS. RCS also uses exiting modern network technologies so there is nothing extra, or outdated, that has to be maintained.

It is the same for Bitwarden. What I noticed is if I go to a site with passkeys, then Bitwarden prompts me with a pop-up to want to add a passkey. It’s not something you manually add, apparently.

There is a difference but right now as long as one uses a good password with a 2FA it is probably good enough. Too many services with passkeys are still quickly offering password resets via e-mail or text, so they, as sites, are not secure. And unless you can move your passkeys with you, like you can with passwords, you don’t want to get locked into a single device or OS.

Google’s own one may be, and that is their right, but it is an open standard so anyone can produce their own RCS app like Samsung has done, and the same way Apple is building support into their exiting app. Nothing should stop a 3rd party developer looking at the standard, and producing an open source RCS app?

Vulnerabilities on the client end are the only way right now for most state actors to gain access to messaging. So yes, various actors are already exploiting that as they have a lot at stake to gain access. But with others already able to exploit that, why would Proton want to do that? Their model is not about advertising or selling data, and they have 100 million paying customers as I understand it. The one’s that have been spying and exploiting have been the likes of Meta’s Facebook with their app present on the client device, and then trying to break Snapchat’s encryption this was (this came out in March 2024). Anyone “can” but we need to also consider “why” and what business model they have.

Yes, but a percentage has to be seen in the context of the total to gauge its impact. India for example is 95% of 1.428 billion people vs Japan is 70% of only 124 million. There are just under 200 countries.

True, it is good, but they need to speed up on passkeys for mobile as many do use mobile devices and what’s the point of having passkeys on desktop.

True, but the big number really is the USA followed maybe by Australia. Entire Middle East, Africa, South America, and Asia are Android. India is also massive (behind China), and India is 95% Android.

RCS should not really be a proprietary app in the sense of a 3rd part installable app. It is normally carrier provided just like SMS works. On Apple the default SMS/Messenger is Apple’s Messages app. On Pixel that is Google Messages and on Samsung phones they have their own one. It has a carrier hook and is apparently tied to the number.

Thanks I did not know that. I see they say share via the vault, but don’t specifically mention exporting, as in to a file for importing elsewhere outside 1Password. But certainly LastPass, Bitwarden and others I’d looked at were not exporting the passkeys.

RCS is carrier based though, which is why the carriers had to buy into it, and they turn it on, not Google. Many in 3rd World countries don’t have e-mail. Many legal notices are today still sent out by text SMS. I get them all the time for bank transactions, government notices, etc. Actually, Samsung’s Message app also supports RCS, and this is what Apple is building into their Apple Messages app too.

They do accept Tor connections though… But I think you have the facts wrong about that access to data unless you have a credible source you can share: They are legally obligated to comply with lawful requests from Swiss authorities if they meet specific criteria (just like every other country except the USA where law enforcement [used?] could just request access. In a US case involving threats against immunologist Anthony Fauci, ProtonMail confirmed they received a legal request from Swiss authorities. However, due to end-to-end encryption, they could only provide the date the account was created, not the content of emails.

Well German is EU, whilst Swiss is Swiss. But either ways, their requirements are way higher than US law for access to any records or metadata. The other thing is, if you live outside of Switzerland, your own government has to arrange legal access via two countries’ jurisdictions. And of course too for the USA, neither the Swiss or the Germans are allowed to just sell off data to data brokers.

Remember, RCS is replacing text SMS and Text SMS has not only absolutely zero encryption of any sort, it also has copies retained by every mobile service provider in terms of their license T&C’s. You need to see RCS as an upgrade of text SMS, and not really a replacement for WhatsApp (yet).

That would be the same data then as WhatsApp, Signal, etc. We pay 100’s of percent more on SMS than data, so although there is a data charge, it is really little compared to SMS.

It will be when SMS s phased out. That was why it has been a long, uphill battle to get the mobile phone providers to buy in. That has to happen before SMS can disappear. That is why no other “messenger/chat apps” need mobile provider buy-in. RCS happens at carrier level, and not as an installable 3rd party app. It’s exactly why it will be adopted by everyone as it is designed to replace SMS.

But you seem to have missed the heading of the post? Bitwarden still (after many months) has not rolled out passkeys to mobile devices. That was actually the point of the post, and Bitwarden needs to start innovating a bit faster as others are overtaking in regard to passkeys. So, you can’t be using Bitwarden for your passkey logins on mobile?

They’re mostly using WhatsApp and I deleted all Meta-owned apps. So, yes if they want to reach me they need to send a text message as most apart from 5 or 10 have never bothered to install Signal, Telegram, SimpleX, Threema, Briar, Jami, etc that I am on.

The whole point of RCS was to replace text SMS. The last year or two has seen one mobile provider after the next adopting it. That was the point of RCS, to get beyond a zero encryption text message and text messages that are very expensive in 3rd world countries. So a lot of it was focussed on mobile operators. It has to be enabled actually by mobile operators to work.