Android has recently launched and globally promoted a very important function that allows people to replace traditional messaging applications and benefit from a kind of iMessage like Apple and iOS on their phones. The problem with RCS technology on Android lies in the fact that it does not offer as much security as iMessage, but apparently not as much as that of the messaging applications that currently exist in the world.
Android has had RCS adopted by mobile phone operators around the world, but researchers in Germany have discovered that there are serious flaws in the technology that make it vulnerable to hacker attacks. Android Messages is the native Android application that allows the use of RCS for communications, but it has no protections implemented to validate domains, certificates, or the identity of users using the system.
Android: very SERIOUS PROBLEM with a VERY WANTED New feature
Android can therefore have a user's identity stolen by a hacker, who can communicate with other people as if they were the real user, and of course fraud can also be done from here, all without the victim knowing what is happening. Hackers can use RCS in Android to check if a phone is connected to the Internet, they can intercept the messages that are sent to it, and from here a multitude of extremely serious problems arise for users.
“The underlying issue is that the RCS client, including the official Android messaging app, does not properly validate that the server's identity matches the one provided by the network during the provisioning phase. This fact can be abused by DNS broadcasting, allowing a hacker to be in the middle of the encrypted connection between the mobile network and the RCS core.”
Android has all these problems because the implementation of RCS is just at the beginning, so even Google could not foresee all the situations in which the system could be abused, and of course there are methods by which everything can be corrected. The problem is that Google implements these corrections before Android has the RCS platform used by so many people that the solutions to the problems come much too late.
Android has RCS technology implemented after a lot of waiting by users, and a lot of people fully enjoy what it can offer, but everyone must also know the risks that come due to its incorrect implementation.
