GSMA Adds End-to-End Encryption to RCS, Enabling Secure Messaging Between iOS and Android - 1

Photo by Brett Jordan on Unsplash

GSMA Adds End-to-End Encryption to RCS, Enabling Secure Messaging Between iOS and Android

  • Written by Andrea Miliani Former Tech News Expert
  • Fact-Checked by Sarah Frazier Former Content Manager

The GSM Association (GSMA), a global organization representing the interests of mobile network operators, announced this Friday that the latest Rich Communication Services (RCS) protocol now includes end-to-end encryption (E2EE) using the Messaging Layer Security (MLS) protocol. This update enables users to share encrypted messages across platforms for the first time.

In a Rush? Here are the Quick Facts!

  • The GSMA has updated the Rich Communication Services (RCS) protocol to include end-to-end encryption (E2EE) using the Messaging Layer Security (MLS) protocol.
  • This enhancement allows users to share encrypted messages across platforms, including between iOS and Android devices.
  • Apple’s support for RCS in iOS 18 facilitates secure and private communications across different mobile platforms.

According to GSMA’s announcement , the new update comes after Apple added RCS support on iPhones in iOS 18 , which was announced last year. The new updates allow communications across iOS and Android platforms, safely and privately, under the new RCS Universal Profile 3.0 published on Thursday.

RCS—known as the modern version of SMS— was integrated by Samsung in 2012 and Google in 2015 to compete with Apple iMessage. This led the GSMA to publish the first Universal profile in 2016. Apple had developed its own in-house encrypted protocol for iMessage and agreed to join RCS last year.

“RCS will be the first large-scale messaging service to support interoperable E2EE between client implementations from different providers,” said Tom Van Pelt, Technical Director at GSMA. “Together with other unique security features such as SIM-based authentication, E2EE will provide RCS users with the highest level of privacy and security for stronger protection from scams, fraud, and other security and privacy threats. ”

Pelt explained that the latest version of the RCS Universal Profile was a collaborative effort and that the optimized protocol enhances features such as audio messages, individual and group messaging, high-resolution images, and business subscriptions.

Apple has also confirmed its participation and integration of the protocols in the latest iOS 18. “We are pleased to have helped lead a cross-industry effort to bring end-to-end encryption to the RCS Universal Profile published by the GSMA,” said Apple to 9to5Mac in a statement. “We will add support for end-to-end encrypted RCS messages to iOS, iPadOS, macOS, and watchOS in future software updates.”

DeepSeek R1 AI Can Generate Malware Despite Built-in Restrictions - 2

Image by Matheus Bertelli, from Pexels

DeepSeek R1 AI Can Generate Malware Despite Built-in Restrictions

  • Written by Kiara Fabbri Former Tech News Writer
  • Fact-Checked by Sarah Frazier Former Content Manager

Tenable researchers found that DeepSeek R1 can generate malware, raising concerns about AI’s role in cybercrime. Jailbreak techniques bypassed its ethical restrictions.

In a Rush? Here are the Quick Facts!

  • Researchers bypassed DeepSeek R1’s safeguards using a jailbreak method.
  • DeepSeek R1’s chain-of-thought reasoning aids in breaking down complex attack strategies.
  • The AI provided flawed but helpful malware code that researchers refined into working versions.

Tenable’s research team tested DeepSeek R1’s ability to create two common types of malware: keyloggers, which record keystrokes secretly, and ransomware, which encrypts files and demands payment for their release.

Initially, DeepSeek R1 adhered to ethical restrictions, refusing direct requests for malware. However, researchers bypassed these safeguards using a “jailbreak” method, framing their requests as “educational purposes.”

A key feature of DeepSeek R1 is its “chain-of-thought” (CoT) reasoning. This allows the AI to break down complex tasks into smaller steps, mimicking human problem-solving. When prompted, DeepSeek R1 outlined a plan for a keylogger, generating a C++ code sample.

However, the initial code contained errors, including incorrect function calls and missing components. The AI was unable to fix these issues on its own, but after some manual corrections, the keylogger became operational, successfully logging keystrokes to a file.

Researchers then tested DeepSeek R1’s ability to improve the malware. When asked how to better conceal the log file, it suggested encryption techniques. Again, the AI provided flawed but helpful code, which the researchers refined into a working implementation.

The team also examined whether DeepSeek R1 could create ransomware. As with the keylogger, the AI outlined an attack strategy and produced several code samples. However, none were immediately functional. After adjustments, the ransomware could search for files, encrypt them, and ensure it remained active after system restarts.

Despite requiring human intervention, Tenable’s research suggests that DeepSeek R1 significantly lowers the technical barriers for cybercriminals. “We successfully used DeepSeek to create a keylogger that could hide an encrypted log file on disk as well as develop a simple ransomware executable,” the researchers stated.

Tenable warns that DeepSeek R1 is likely to contribute to the increasing use of AI-generated malware . While it lacks full automation, it provides a powerful resource for attackers with basic coding knowledge to refine their techniques.