Don’t let your messages get leaked.
getty
Updated on January 16 with reports of Apple’s new messaging change for the iPhone.
Everything is changing for texting. The surprising news is that Apple may add fully encrypted text messages to iMessage once it fixes its biggest security hole with the next update. All eyes now on iOS 26.3 to see what’s coming and how fast carriers are enabling it.
This is critical because US federal agencies repeatedly warn that sending text messages without the protection of end-to-end encryption is not recommended. Apple’s update – and Google’s too – will bring security to all platforms for the first time, similar to WhatsApp’s messaging apps on Android and iPhone.
But even if you hectare using WhatsApp or Signal or another fully encrypted messaging app as your default, these federal agencies still have tips for you. Some of this should be self-explanatory. But at least one recommendation might surprise you. And it rules out Apple’s new update, even if the encryption problem is eventually fixed.
“Avoid scanning group invite links or QR codes from unknown sources,” says the US Cyber Defense Agency. of CISA The warning will resonate now, as Iranian hackers have just been caught attacking foreign citizens using this tactic.
Similarly, you should “remain suspicious of unexpected security alert messages”, you should also check and remove any unrecognized connected devices, and you should When share any security codes sent to your phone.
However, CISA also says to “enable message expiration features to automatically delete sensitive messages after a specified period.” This so-called disappearing message feature is available on WhatsApp and Slogan and Facebook Messenger. All of which are fully encrypted.
There is no such option in Apple’s iMessage, and while you can do this through the Google app, unless iMessage adds the same, then it doesn’t provide a complete solution.
Disappearing messages are a controversial topic, especially within a work or regulatory context. But now it is more and more popular. If you don’t use it, a record of everything you say will remain on your phone and on all recipients’ phones — potentially forever.
While CISA’s warning to delete sensitive messages specifically refers to the expiring or disappearing messages feature in apps like WhatsApp and Signal, there is an even more critical aspect to what needs to change.
Not only does Apple not offer expiring messages in iMessage, but even the option to delete and “unsend” accidentally sent texts is very limited. As an expectation expands that Apple may now upgrade RCS, perhaps with the upcoming iOS 26.3, this should change.
Whether Apple decides to extend the limited do-not-send option to RCS messages is critical. It is in the protocol and it can be done. However, Apple says that “to unsend or edit text messages, you must be using iMessage with iOS 16, iPadOS 16.1, macOS 13, visionOS 1 or later.”
This means, specifically, “SMS, MMS, or RCS text messages cannot be processed or sent. It is arguably more important to change this specific sensitive message setting as the broadest expiration for all messages. Ideally, Apple matches Google and now adds both.
Don’t hold your breath. All this will take time to land. As Android Authority notes that while it’s now clear that “Apple is working on end-to-end encryption for RCS in iOS 26.3 Beta 2,” it appears that “only four carriers (all residing outside the US) have this line of code, and none of them have flipped the switch yet.”
