Nothing Chats beta gets pulled from the Play Store due to major privacy contradiction

Nothing Chats beta gets pulled from the Play Store due to major privacy contradiction،

Last week, just before Apple surprised the tech world by announcing that it would allow the iPhone to support RCS starting next year, Nothing CEO Carl Pei announced the Nothing Chats app. Created in partnership with universal messaging platform Sunbird which planned to bring iMessage to Android users, the Nothing Chats app would allow Nothing Phone (2) users to use iMessage on their Nothing (2) phone under Android.

The edge reports that Nothing has removed the Nothing Chats beta app from the Google Play Store and is “delaying launch until further notice” while seeking to exterminate several bugs. The app would have allowed Nothing Phone (2) users to send text messages with iMessage, but only if Sunbird could connect to users’ iCloud accounts. Texts.blog, the blog of messaging client Texts.com, called the Nothing Chats app a reskinned version of the Sunbird app and said the app was insecure.

Texts.blog wrote that “Sunbird” and the “Nothing Chats” app require users to send their Apple credentials to their servers, where they are authenticated using a virtual machine running MacOS.

Sunbird has access to all messages sent and received through the app. They do it by abusing @getsentrywhich is used to monitor errors.

But Sunbird logs the messages, pretending they are errors.

Here is part of the requests (img 1, 3) and their entire “message” (img 2, 4) pic.twitter.com/pzwwQVWfOb

– Dylan Roussel (@evowizz) November 18, 2023

The Texts.com team discovered that messages sent through the Sunbird platform are not encrypted (Sunbird has access to every message sent and received through the app). A tweet from Android app developer Dylan Roussel says that Sunbird does this by “abusing @getsentry, which is used to monitor errors. But Sunbird logs the messages, pretending they are errors.” This contradicts an FAQ taken directly from the Nothing site from 11/17/2023 and later.

The FAQ question asked: “Are my messages secure?” » The response stated: “Yes, Nothing Chats is built on Sunbird’s platform and all Chats messages are end-to-end encrypted, meaning neither we nor Sunbird can access the messages you send and receive. ” But that doesn’t match what Texts.com found. And if there is no encryption and your texts are compromised, you have sent your Apple ID to a third-party service and could allow attackers to view your photos, videos, contacts, notes, etc.

None of this will have any impact on Apple’s decision to support RCS, which was most likely an attempt by Apple to preempt the EU’s Digital Markets Act (DMA) which could have forced Apple to add RCS support to iPhone in all 27 EU members. country if the EU decided to call iMessage a “gatekeeper”.