Nothing pulls its Android-to-iOS chat app from Google Play over safety issues
[ad_1]
A sizzling potato: When Nothing unveiled its chat app final week, it appeared to have cracked the wall separating iMessage customers from everybody who would not personal an iPhone. Nonetheless, a gaggle of safety researchers quickly made sharp accusations towards its safety integrity, suggesting the service is simply too good to be true.
Amid critical privateness issues, Nothing has removed the beta for its Android-to-iOS chat app from the Google Play Retailer. The corporate additionally delayed the total launch however hasn’t specified for a way lengthy.
The brand new service, Nothing Chats, allowed Nothing Cellphone 2 house owners to ship texts to iMessage customers on Apple units with superior options like end-to-end encryption, high-quality media, group chats, and extra. As a result of iMessage is unique to Apple units and would not presently assist RCS, it converts messages from Android units to SMS or MMS, that are much less safe and lack trendy performance.
I simply wish to make clear one thing. Sunbird *lied* to Nothing. They stated messages have been end-to-end encrypted. They weren’t. Sunbird knew this as a result of they add stuff to Firebase.
Nothing mustn’t simply “delay the launch.” They need to cancel the entire undertaking. https://t.co/COjeFwdMm1
– Dylan Roussel (@evowizz) November 18, 2023
Rivals like Google, Meta, and quite a few telecom suppliers have repeatedly criticized the Cupertino Big’s messaging insurance policies, and the rising menace of regulation from Europe might have pushed Apple to vary them. The corporate plans to implement RCS subsequent yr as a brand new fallback.
In the meantime, a gaggle of safety researchers solid doubt on assertions by Nothing and backend supplier Sunbird that their middleman resolution maintained end-to-end encryption. A prolonged technical critique alleges that, at sure factors, as Sunbird mediates messages between Android and iMessage, content material and account info grow to be unencrypted and weak to assault.
Utilizing Nothing Chats requires customers to offer Sunbird their Apple IDs – which itself is dangerous – however the researchers printed a proof-of-concept claiming hackers may doubtlessly entry that knowledge. Moreover, they state that the data’s visibility to Sunbird staff may make it ripe for insider assaults.
Thread time!
Abstract:
– Sunbird has entry to each message despatched and acquired by means of the app in your gadget.– The entire paperwork (photographs, movies, audios, pdfs, vCards…) despatched by means of Nothing Chat AND Sunbird are public.
– Nothing Chats will not be end-to-end encrypted.
– Dylan Roussel (@evowizz) November 18, 2023
Nothing and Sunbird pulled the Nothing Chats beta from the Google Play Retailer quickly after the revelations. Nothing attributed the elimination and launch delay to bugs, which drew harsh criticism from commenters accusing the corporate of mendacity about its safety features. The researchers recommend that anybody who has used Nothing Chats ought to change their Apple password, revoke account entry from the app, and uninstall it.
If Nothing and Sunbird do not handle the criticisms, house owners of the Nothing Cellphone 2 and different Android units will doubtless have to attend till Apple implements RCS into iMessage in 2024. Though the change will enhance how messages from Android to Apple units seem, they will not incorporate all iMessage options.
Google will work alongside Apple to supervise the mixing, which ought to implement learn receipts, stay typing indicators, and high-resolution media. RCS on iMessage will use encryption from the GSM Affiliation as a substitute of the system Apple makes use of for messages between the corporate’s units. Furthermore, iMessage will stay unique to Apple {hardware}, and iOS customers receiving messages from Android will proceed to see inexperienced bubbles.
[ad_2]
Source