Tags: highlights, tech, systems Link: https://www.theverge.com/2019/11/29/20987738/bad-rcs-implementations-are-creating-big-vulnerabilities-security-researchers-claim Summary: How will regular end users know if their cellular carrier has messed up RCS implementation? Weird how higher levels of systemic problems can be so removed—yet so dangerous—for the individual people affected by them. Date: Sat, 30 Nov 2019 00:04:38
# Bad RCS implementations are creating big vulnerabilities, security researchers claim
One issue identified on an unnamed carrierʼs implementation could allow any app on your phone to download your RCS configuration file, for example, giving the app your username and password and allowing it to access all your voice calls and text messages. In another case, the six-digit code a carrier uses to verify a userʼs identity was vulnerable to being guessed through brute force by a third-party. These problems were found after researchers analyzed a sample of SIM cards from several different carriers.
RCS is supposed to be a big deal. It’s fascinating how these system-wide policies can be messed up in microsystem implementations.