this post was submitted on 19 Nov 2023
663 points (97.7% liked)

Technology

59438 readers
4365 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
 
  • Nothing Chats, a rival to apps like Beeper and AirMessage, advertised itself as a secure platform for sending messages to iMessage users.
  • However, less than 24 hours after its launch, investigations into the app revealed that Nothing Chats logged every message in plain text and stored unencrypted data, including text messages, images, videos, and more, making it a significant privacy and security risk.
  • The company removed the app from the Play Store following these complaints, citing "several bugs" that need fixing.
you are viewing a single comment's thread
view the rest of the comments
[–] Ghostalmedia 30 points 1 year ago (1 children)

IMHO, the big fuck up is on the business side of the fence. Their product’s success rides on Apple not sicking their giant legal team on them. They needed to play this carefully. AKA, they needed to live up to the security promises.

Now they’re in the press for being an iMessage security vulnerability, and security is something Apple spends a LOT of marketing money on.

Apple is going to want to protect that image, and I wouldn’t be surprised if they come for Sunbird in the coming weeks.

They played this fast and loose, and it will probably cost them.

[–] kautau 11 points 1 year ago (1 children)

Yeah very much this. Their way of running a bunch of Macs intercepting iCloud messages was already sketchy, so I was surprised Apple hadn’t come for them sooner. But now that it turns out everything was being stored unencrypted in plaintext? Apple’s legal team couldn’t be happier, they did their jobs for them.

[–] Ghostalmedia 7 points 1 year ago (1 children)

My guess is that they would care less about people who decide to sign up for this service, but they are going to care about the customers on the other end of the line. AKA, the people who are not tunneling through Sunbird, and don't know they're communicating with a compromised user.

[–] kautau 6 points 1 year ago

That's definitely true, if they follow their “Apple is the most secure consumer electronics manufacturer” PR strategy, they will be intent to try to trace what accounts were communicating with whom, and alert said Apple users about potential data breaches. Tbh, while it fits their MO of being really good at PR, it’s also just generally a good thing. People should know if messages they sent that they thought were secure turned out not to be.