"Nothing's iMessage App: A Security Disaster Pulled from Google Play Store in 24 Hours"
Nothing Chats, a chat app developed by Android manufacturer "Nothing" and Sunbird, claimed to be able to hack into Apple's iMessage protocol and give Android users blue bubbles. However, the app was found to have numerous security issues, including lack of end-to-end encryption, storing messages in plain text, and sending authentication tokens over unencrypted HTTP. Both 9to5Google and Text.com uncovered vulnerabilities, with the latter releasing a proof-of-concept app that could fetch supposedly encrypted messages from Sunbird's servers. Personal information of users, including vCards, was also found to be accessible. The app was taken down within 24 hours of its launch, and users are advised to change their Apple IDs and assume their data is compromised.
- Nothing’s iMessage app was a security catastrophe, taken down in 24 hours Ars Technica
- Sorry, America! iMessage coming to Android won't solve the real problem: Don't let Nothing fool you PhoneArena
- Nothing Chats just got pulled from Google Play store over security concerns Tom's Guide
- New Android app that let people text iPhone friends on iMessage is removed a DAY after launching over... The US Sun
- Nothing Chats Fails the Security Test Droid Life
Reading Insights
0
0
2 min
vs 3 min read
79%
535 → 115 words
Want the full story? Read the original article
Read on Ars Technica