Those aren’t loopholes and are widely known? I mean, they have an entire E2EE iCloud feature giving customers a choice between security and convenience:

https://support.apple.com/en-gb/108756

RCS has never offered that security guarantee at the protocol level. Google has deployed a proprietary encryption layer on top but refuses to allow other clients access. This was rather famously part of the blue/green message divide which was in the news for years.

Similarly push notifications have had privacy recommendations for ages - that’s why apps like Signal give users the option to choose their level of risk exposure.