New leak suggests texting may begin again
The big tech news last month was the FBI’s alert to iPhone and Android users to stop texting after Chinese hackers attacked U.S. networks. Sending SMS messages is a blanket no—it’s woefully insecure. But the more surprising warning was the security hole in RCS, which Apple has just adopted on iPhone and which has become the standard on Android. The question for all those iPhone and Android users is when can they start texting again. A new leak suggests this might be coming soon.
The issue exposed by the FBI’s warning was the lack of end-to-end encryption within the core RCS technology itself. Google solved this problem by wrapping full encryption around RCS messages sent between Google Messages users. But message an RCS user on a different app or an iPhone, and that encryption falls away. Apple has the same problem. iMessage encryption only works between Apple users, outside Apple’s walled garden it also falls away.
This issue was clear long before the FBI and America’s cyber defense agency issued their warning for cell phone users to stop texting and use end-to-end encrypted messaging and calls “wherever possible.” It was highlighted when Apple released its RCS deployment with iOS 18 last fall. Google and GSMA — the mobile standards setter — were quick to announce end-to-end encryption will come to RCS , albeit a more detailed update is still months away.
Now a new leak per Android Authority’s investigation into pre-release code suggests that “the latest Google Messages beta supports MLS encryption, RCS’s next step toward E2EE interoperability across apps and platforms.” The team says “we managed to enable MLS for one-on-one RCS conversations in Google Messages, but we haven’t been able to enable it for RCS group chats yet. This indicates that MLS encryption support could be on the horizon for Google Messages.”
I have suggested before that a much simpler solution would be for Google and Apple to collaborate on a fully encrypted bridge between iMessage and Google Messages, but that isn’t currently on the cards. Instead the standard RCS protocol; needs to be upgraded. And that work will fall mostly to Google as the primary driver behind RCS’s expansion. Apple has thus far seemed very cool on the platform and seemed to u-turn on its adoption reluctantly.
MLS or Messaging Layer Security is an IETF supported initiative that aims to provide end-to-end encryption “for group chat settings, in which more than two clients need to agree on a key but may not be online at the same time.” When it first became clear Google was playing with MLS, it seemed it might be for group chats initially, but that seems to have changed.
Android Authority says that “’Zinnia’ is the codename for MLS encryption that Google is using within Google Messages,” and by playing with settings flags “we could enable MLS encryption,” and interestingly that “we can enable MLS encryption only for one-to-one conversations using flags,” despite its group chat origins.
The last update from GSMA on full encryption coming to RCS suggested we still had months more to wait before even getting a timetable on this development. And as I have warned before, this will likely come first to Google Messages in beta for a period before any wider release. Then it needs to make its way onto iPhones, which will take more time unless there’s much more background activity prompted by the FBI’s warning than we realize. Absent that, it would seem likely to be an iOS 19 upgrade at the earliest. Albeit that’s only speculation — there’s no formal update at all.
In the meantime, for Android and iPhone users who would rather send RCS texts from their stock messengers than adopt an over-the-top platform such as Signal or WhatsApp as the U.S. government advises, this will be welcome news.

source