Close Menu
  • Home
  • News
  • Insights
  • Tech
  • Mobiles
  • Gadget
  • Games
  • Laptops
  • Opinions
Facebook X (Twitter) Instagram
  • Home
  • About Us
  • Contact us
  • Privacy policy
  • Terms & Conditions
Facebook X (Twitter) Instagram
INFO NEWSINFO NEWS
  • Home
  • News
  • Insights
  • Tech
  • Mobiles
  • Gadget
  • Games
  • Laptops
  • Opinions
INFO NEWSINFO NEWS
Home»Tech»Not anything’s iMessage app used to be a safety disaster, taken down in 24 hours
Tech

Not anything’s iMessage app used to be a safety disaster, taken down in 24 hours

saqibshoukat1989By saqibshoukat1989November 20, 2023Updated:November 21, 2023No Comments4 Mins Read
Facebook Twitter Pinterest LinkedIn Tumblr Email
Share
Facebook Twitter LinkedIn Pinterest Email
The Nothing Phone 2 all lit up.
Enlarge / The Not anything Telephone 2 all lit up.

Ron Amadeo

It seems corporations that stonewall the media’s safety questions if truth be told don’t seem to be excellent at safety. Ultimate Tuesday, Not anything Chats—a talk app from Android producer “Not anything” and upstart app corporate Sunbird—overtly claimed with the intention to hack into Apple’s iMessage protocol and provides Android customers blue bubbles. We immediately flagged Sunbird as an organization that were making empty guarantees for just about a yr and appeared negligent about safety. The app introduced Friday anyway and used to be instantly ripped to shreds by way of the Web for plenty of safety problems. It did not ultimate 24 hours prior to Not anything pulled the app from the Play Retailer Saturday morning. The Sunbird app, which Not anything Chat is only a reskin of, has additionally been put “on pause.”

The preliminary gross sales pitch for this app—that it might log you into iMessage on Android in the event you passed over your Apple username and password—used to be an enormous safety pink flag that intended Sunbird would wish an ultra-secure infrastructure to keep away from crisis. As an alternative, the app became out to be about as unsecure as you might be able to be. This is Not anything’s remark:

Nothing Chat's shut down post.

Not anything Chat’s close down put up.

How unhealthy are the protection problems? Each 9to5Google and Text.com (which is owned by way of Automattic, the corporate in the back of WordPress) exposed shockingly unhealthy safety practices. Now not simplest used to be the app now not end-to-end encrypted, as claimed a large number of instances by way of Not anything and Sunbird, however Sunbird if truth be told logged and saved messages in simple textual content on each the mistake reporting device Sentry and in a Firebase retailer. Authentication tokens had been despatched over unencrypted HTTP so this token may well be intercepted and used to learn your messages.

Commercial

The Textual content.com investigation exposed a pile of vulnerabilities. The weblog says, “When a message or an attachment is won by way of a consumer, they’re unencrypted at the server aspect till the customer sends a request acknowledging, and deleting them from the database. Which means that an attacker subscribed to the Firebase Realtime DB will at all times have the ability to get right of entry to the messages prior to or in this day and age they’re learn by way of the consumer.” Textual content.com used to be in a position to intercept an authentication token despatched over unencrypted HTTP and subscribe to adjustments going on to the database. This intended are living updates of “Messages in, out, account adjustments, and so on” now not simply from themselves, however different customers, too.

Textual content.com launched a proof-of-concept app that might fetch your supposedly end-to-end encrypted messages from Sunbird’s servers. Batuhan Içöz, a product engineer for Textual content.com, additionally launched a device that may delete a few of your knowledge from Sunbird’s servers. Içöz reccomends that any Sunbird/Not anything Chat customers exchange their Apple IDs now, revoke Sunbird’s consultation, and “Suppose your knowledge is already compromised.”

9to5Google’s Dylan Roussel investigated the app and located that, along with all the public textual content knowledge, “All the paperwork (photographs, movies, audios, pdfs, vCards…) despatched via Not anything Chat AND Sunbird are public.” Roussel discovered 630,000 media information are recently saved by way of Sunbird, and it seems that he may just get right of entry to some. Sunbird’s app advised that customers switch vCards—digital trade playing cards filled with touch knowledge—and Roussel says the private knowledge of two,300-plus customers are obtainable. Roussel calls the entire fiasco “more than likely the most important “privateness nightmare” I have noticed by way of a telephone producer in years.”

Share. Facebook Twitter Pinterest LinkedIn Tumblr Email
saqibshoukat1989
  • Website

Related Posts

A crypto pockets maker’s caution about an iMessage trojan horse seems like a false alarm

April 16, 2024

Evaluate: Pitch-perfect Renegade Nell is a gem of a chain you received’t wish to leave out

April 15, 2024

Impressions of Waymo's robotaxis, now operating in SF and Phoenix, after a number of rides: superb tech that briefly feels "standard", however they aren't very best (Peter Kafka/Industry Insider)

April 15, 2024
Add A Comment

Comments are closed.

Categories
  • Gadget (2,002)
  • Games (2,006)
  • Insights (2,010)
  • Laptops (307)
  • Mobiles (2,019)
  • News (1,806)
  • Opinions (1,832)
  • Tech (1,499)
  • Uncategorized (1)
Latest Posts

A crypto pockets maker’s caution about an iMessage trojan horse seems like a false alarm

April 16, 2024

Evaluate: Pitch-perfect Renegade Nell is a gem of a chain you received’t wish to leave out

April 15, 2024

Impressions of Waymo's robotaxis, now operating in SF and Phoenix, after a number of rides: superb tech that briefly feels "standard", however they aren't very best (Peter Kafka/Industry Insider)

April 15, 2024

Subscribe to Updates

Get the latest creative news fromaxdtv.

Facebook X (Twitter) Instagram Pinterest Vimeo YouTube
  • Home
  • About Us
  • Contact us
  • Privacy policy
  • Terms & Conditions
© 2025 Designed by ebrahimbounaija

Type above and press Enter to search. Press Esc to cancel.