RCS is a net loss for privacy: it gives the carriers visibility into your social graph and doesn’t support end to end encryption. Google’s PR campaign tried to give the impression that RCS supports E2EE but it’s restricted to their proprietary client.
By what? It's impossible for a process to know for sure if the system is rooted or not. A rooted system can present itself to a process to look like a non-rooted system if it's engineered well enough.
I'd bet that most of these apps probably just check if "su" returns a shell, in which case perhaps all that's needed is to modify the "su" executable to require "su --magic-phrase foobar" before it drops into a root shell, and returns "bash: su: not found" or whatever if called with no arguments.
