He didn’t pull anything None demo chats from the Google Play Store, saying it is “postponing the launch until further notice” while it works to fix “several bugs.” The app promised to let Nothing Phone 2 users send text messages using iMessage, but it required allowing Sunbird, which provides the platform, to log into users’ iCloud accounts on its Mac Mini servers, which… isn’t cool?
The removal came after users shared a file widely Blog from Texts.com He explains that messages sent using the Sunbird system are not actually end-to-end encrypted – and that they are not difficult to hack. The app was launched in beta yesterday after being announced earlier this week.
9to5Google pointing to To the subject of Site author Dylan Russellwho found that part of Sunbird’s solution involved decrypting messages, sending them using HTTP to a Firebase cloud sync server and storing them there in unencrypted plaintext. Russell posted it The company itself has access to the messages because it logs them as errors using Sentry, a debugging service.
Sunbird claimed yesterday That HTTP is “only used as part of the initial one-time request from the app to notify the backend of the upcoming iMessage connection.”
This was a response to whoever referred to it Texts.com blog Vulnerability check. Texts.com wrote that “an attacker subscribed to a real-time Firebase database will always be able to access messages before or at the moment the user reads them.” The blog also notes that the company can see messages in its Sentry dashboard, which directly conflicts with Claim from FAQ about nothing That no one at Sunbird can access messages sent or received.
We reached out to None for further comment, but the company had not responded as of press time.
“Writer. Friendly troublemaker. Lifelong food junkie. Professional beer evangelist.”