Bad RCS implementations are creating big vulnerabilities, security researchers claim
Illustration by Alex Castro / The Verge
Security researchers at SRLabs have found a number of vulnerabilities with the way carriers around the world are implementing RCS, the new messaging standard designed to replace SMS, Motherboard reports. In some cases, these issues could compromise a user’s location data, they could allow their text messages or calls to be intercepted, or they might allow their phone number to be spoofed.
One issue identified on an unnamed carrier’s implementation could allow any app on your phone to download your RCS configuration file, for example, giving the app your username and password and allowing it to access all your voice calls and text messages. In another case, the six-digit code a carrier uses to verify a user’s identity was vulnerable to...
Comments
Post a Comment