New Delhi: Global consumer electronics brand Nothing swiftly pulled its new “Nothing Chats” beta app from the Google Play Store, just a day after its initial release, citing privacy concerns. The app, designed to be compatible with Apple’s iMessage, was powered by the messaging platform Sunbird.
In an announcement on Saturday, posted on X, Nothing revealed the removal of the beta app and the postponement of its launch until further notice. (Also Read: A Look Inside Delhi’s Jaw-Dropping Mansions Owned By Biz Tycoons – In Pics)
The company stated, “We’ve removed the Nothing Chats beta from the Play Store and will be delaying the launch until further notice to work with Sunbird to fix several bugs. We apologize for the delay and will do right by our users.” (Also Read: Mangaluru Victim Loses Rs 25 Lakh In Fake Trading’s Mirage)
This decision followed users sharing a blog post from Texts.com that raised alarms about Sunbird’s message encryption, highlighting that it lacked end-to-end encryption and could be compromised easily, as reported by The Verge.
As per the findings by Dylan Roussel, detailed on 9to5Google, Sunbird’s solution involved decrypting and transmitting messages through HTTP to a Firebase cloud-syncing server, storing them in an unencrypted plain text format.
Roussel emphasized that Sentry, a debugging service, recorded these messages as errors, giving Sunbird access to all messages exchanged through the app.
Roussel explained, “Sunbird has access to every message sent and received through the app. They do this by abusing @getsentry, which is used to monitor errors. But Sunbird logs messages, pretending they are errors.”
In response, Sunbird defended its approach, stating that HTTP was “only used as part of the one-off initial request from the app notifying back-end of the upcoming iMessage connection.”
Nothing Chats had been announced on November 14, and its beta version was initially released on November 17. The abrupt removal underscores the critical importance of addressing privacy concerns in messaging apps, particularly when handling sensitive user data.