Nothing and Sunbird pulled the shockingly insecure iMessage bridge, but only after it was discovered that not only did Sunbird log and retain messages, vCards, and more, but that retained user data could also be downloaded by others.
The lack of due diligence on Nothing’s part here is ridiculous and I don’t know how any users can trust Nothing with their data again after this. I guess the privacy and security nightmare pre-empted the need for Apple to take any action, which is a win on Apple’s part.
Digital privacy is just not something people (and thus corporations) care about in China. And this is not an insult to China, the Chinese, or CCP. People in China just simple don’t care.
Nothing has products targeted to the US market and this isn’t even a standard privacy/security nightmare - this is literally just publicizing people’s private messages for anyone with a little know how to harvest. China may not care but the western market probably would have an issue with their private messages being literally fair game to anyone.
The thing is, even if the Sunbird app was properly implemented, it would still be a security nightmare because you are relaying people’s iMessage messages on random Mac minis. The messages have to exist in plain text on the server before it’s re-encrypted to be sent to the user. An attacker or malicious admin could easily find a way to log those messages. So no amount of due diligence by Nothing is really necessary here. The entire idea is bad.
But then, if Nothing or the Sunbird developers were actually competent to begin with they would probably have realized that this was a terrible idea and wouldn’t have gone down this path.
The lack of due diligence on Nothing’s part here is ridiculous and I don’t know how any users can trust Nothing with their data again after this. I guess the privacy and security nightmare pre-empted the need for Apple to take any action, which is a win on Apple’s part.
Digital privacy is just not something people (and thus corporations) care about in China. And this is not an insult to China, the Chinese, or CCP. People in China just simple don’t care.
Nothing has products targeted to the US market and this isn’t even a standard privacy/security nightmare - this is literally just publicizing people’s private messages for anyone with a little know how to harvest. China may not care but the western market probably would have an issue with their private messages being literally fair game to anyone.
The thing is, even if the Sunbird app was properly implemented, it would still be a security nightmare because you are relaying people’s iMessage messages on random Mac minis. The messages have to exist in plain text on the server before it’s re-encrypted to be sent to the user. An attacker or malicious admin could easily find a way to log those messages. So no amount of due diligence by Nothing is really necessary here. The entire idea is bad.
But then, if Nothing or the Sunbird developers were actually competent to begin with they would probably have realized that this was a terrible idea and wouldn’t have gone down this path.