Comment by toast0
2 years ago
The messaging claim seemed to be about carrier based messaging; SMS and MMS, and I guess in theory RCS (but is that really carrier based if Google has taken it upon themselves to enroll most Android users on a Google server)
Apps that read inbound SMS may be malicious and use that ability to steal verification codes. Or they may not be actively malicious, and meerly handle the data in an insecure way that makes messages available to others.
Performance, I dunno. Maybe they could argue something about how time between user requesting an SMS be sent and it actually getting sent is very important, and similar for display, and that they're more likely to do that right. I've certainly seen some Android manufacturer provided SMS clients that do much better than others on that, although I have no recent performance notes since I no longer get massive floods of SMS from too simple monitoring systems.
In the Epic lawsuit it was shown that Apple really actually more cared about this than "security":
> “The #1 most difficult [reason] to leave the Apple universe app is iMessage ... iMessage amounts to serious lock-in,” was how one unnamed former Apple employee put it in an email in 2016, prompting Schiller to respond that, “moving iMessage to Android will hurt us more than help us, this email illustrates why.”
> “iMessage on Android would simply serve to remove [an] obstacle to iPhone families giving their kids Android phones,” was Federighi’s concern
> Apps that read inbound SMS may be malicious and use that ability to steal verification codes. Or they may not be actively malicious, and meerly handle the data in an insecure way that makes messages available to others.
Apple can't make that argument since they allow apps that scan SMS messages for spam.