Nothing Chats App has Privacy Issues
It has not officially launched yet. But Nothing removed its Nothing Chats beta from the Google Play Store until further notice. The reason? It has several bugs to be fixed.
Nothing Chats app promised to allow Nothing Phone 2 users to text with iMessage. To do so, it needs Sunbird which provides the platform. Through Sunbird, users can log into their iCloud accounts on its Mac Mini servers.
Unfortunately, the messages are not end-to-end encrypted. It is also not difficult to hack it.
According to Kishan Bagaria:
“texts team took a quick look at the tech behind nothing chats and found out it’s extremely insecure it’s not even using HTTPS, credentials are sent over plaintext HTTP backend is running an instance of BlueBubbles, which doesn’t support end-to-end encryption yet.”
The solution of Sunbird involves transmitting and decrypting messages with the use of HTTP to a cloud-syncing server. What’s not so great is that the company stores the messages on the server in unencrypted plain text.
However, Sunbird responded by saying:
“The HTTP is only used as part of the one-off initial request from the app notifying back-end of the upcoming iMessage connection iteration that will follow via a stand alone communication channel.From the start, Sunbird has been focused on security.”
End-to-end encryption is a security measure that ensures that only the sender and the intended recipient of a message can read its content. In the context of text messages, there are several reasons why end-to-end encryption is considered important.
Protecting the Privacy of Communication
For one, it protects the privacy of communication by preventing intermediaries, such as service providers or hackers, from accessing the content of the message. Even if the communication is intercepted, the encrypted content is unintelligible without the appropriate decryption keys.
Without E2EE, service providers might have access to the content of messages, making it possible for them to monitor or analyze the communication. End-to-end encryption helps protect against unauthorized surveillance, whether it be by third parties, governments, or the service providers themselves.
It also minimizes the risk of data breaches because even if a server is compromised, the encrypted messages remain unreadable without the necessary decryption keys. This contrasts with systems where messages are stored in plain text, making them vulnerable in case of a security breach.
Users are more likely to trust and use messaging services that prioritize their privacy and security. Knowing that their messages are end-to-end encrypted provides users with a higher level of confidence in the confidentiality of their communication.
In some jurisdictions, there are legal and ethical obligations to protect user privacy. E2EE helps service providers adhere to these regulations by limiting their ability to access and disclose user data.
Nothing Chats has blocked downloads of the app in the Play Store. When you search for it in the Play Store, it will not show up.
It sounds like Nothing and Sunbird have not figured out how the app would work. The app didn’t look great, according to many users who have tried the beta.