Security Concerns Prompt Removal of Nothing Chats from Google Play Store

Aiman Maulana
3 Min Read
Security Concerns Prompt Removal of Nothing Chats from Google Play Store

Nothing, the tech company behind Nothing Chats, faced a setback this week as the iMessage clone was abruptly pulled from the Google Play Store. While Nothing cited “several bugs” as the reason, emerging evidence suggests underlying security issues may be the real cause for the removal.

Nothing Chats Removed from Google Play Store

A technical analysis conducted by Texts.com author Rida F’kih, along with insights from Twitter users @batuhan and @1ConanEdogowa, revealed concerns about Sunbird, Nothing’s service provider, and its claims of end-to-end encryption. The sign-up process for Nothing Chats required users to log in to Sunbird servers using their Apple ID, operating on a Mac mini with a virtual machine.

Security Concerns Prompt Removal of Nothing Chats from Google Play Store

Security Concerns Prompt Removal of Nothing Chats from Google Play Store

The investigation exposed that JSON Web Tokens (JWT) generated by the service were sent unencrypted to another Sunbird server without SSL, making interception by potential attackers possible. Additionally, messages were decrypted and stored on Sunbird servers, providing an opportunity for unauthorized access before the user.

Texts.com demonstrated the vulnerability by intercepting JWTs and accessing the Firebase realtime database, highlighting the potential risk to user information and conversations. This privacy lapse squarely falls on Sunbird’s shoulders, but Nothing’s association with the service implicates the company in the security concerns. Labeling these issues as mere “bugs” has been criticized as misleading and dishonest.

As Nothing takes the app offline for an indefinite period to address these security issues, users are advised to exercise caution when logging into third-party services with sensitive credentials.

Source

Pokdepinion: The incident raises questions about the integrity of Nothing Chats and the necessity for robust security measures in messaging apps. The upcoming re-release of the app will be closely watched for a resolution to these concerns.

Share This Article