Final week we noticed Nothing, the Android telephone maker based by Carl Pei of OnePlus fame, announce that it was bringing iMessage help to its newest telephone through a collaboration with Sunbird. On the time Sunbird may need gone beneath the radar a bit bit, but it surely was already providing an invitation-only service for all Android telephones that allowed them to ship and obtain iMessages.
That each one appeared like a really unhealthy concept, not least as a result of the prospect of handing over the keys to your Apple ID felt just like the form of factor that folks most likely should not be doing. There was little cause to suspect that Nothing was as much as no good, and the identical probably went for Sunbird — though that was much less clear final week — however I did marvel how safe the entire system was.
Now, it seems that the system wasn’t that safe in any case. The truth is, it was very insecure throughout the board and issues are so unhealthy that Sunbird has now taken the choice to take its service offline. For a way lengthy, no one is aware of. But it surely would not look nice for the corporate or its collaboration with Nothing. The truth is, issues do not look nice for the telephone maker, both. After a self-congratulatory mock interview with a member of the press was shared on YouTube, Nothing’s Carl Pei is left with egg on his face. Perhaps somebody ought to have regarded into Sunbird a bit extra earlier than we acquired this far.
‘We’ve got determined to pause Sunbird utilization’
Issues began to go awry final week when it turned clear that maybe Sunbird’s safety methods weren’t all they have been cracked as much as be. Not solely have been messages not protected by end-to-end encryption as was promised, however 9to5Google was capable of finding greater than 630,000 information that had been despatched through Nothing Chats — the app powered by Sunbird.
These information have been accessible through a vulnerability which was compounded by the truth that all the knowledge was saved on servers managed by Sunbird which was one thing we might been instructed wasn’t the case.
Nothing later determined to dam downloads of Nothing Chats with a notification despatched to customers to inform them that the supply of the app had been “paused.” That was adopted by messages being despatched to customers of the standalone Sunbird app saying a lot the identical.
“Good afternoon everybody,” the notification started. “We’re investigating the safety points raised within the final 24 hours. In an abundance of warning and to guard your confidential knowledge, we’re shutting down Sunbird media briefly. We’ll preserve you posted.” The message ended by thanking customers and providing “honest apologies for the inconvenience.”
So what occurs subsequent?
The subsequent steps are very a lot as much as Sunbird proper now. Nothing cannot do all that a lot as a result of it wants Sunbird to run the entire system on the again finish, so the destiny of Nothing Chats is up within the air. Even when all the safety points that have been discovered final week are fastened, I am nonetheless not snug with handing entry to my Apple ID to anybody, not to mention an organization accused of elementary safety flaws and mendacity about encryption that does not appear to be there.
Will Nothing Chats ever be out there once more and can Sunbird survive this storm? Time will inform, but it surely won’t matter in the long run. With Apple asserting RCS help for subsequent 12 months, the necessity to convey iMessage help to Android through hacks like Sunbird will go away quickly sufficient anyway. And which may in the end be the largest drawback for the corporate to cope with.
Extra from iMore