Updated November 20, 2023: the Nothing Chats application has been removed from the Play Store due to poor exchange security and a potential breach of user data. It was indeed discovered that session and message information was available in plain text from Sunbird, the company participating in the development of Nothing Chats, but not only… (Source)
We introduced youlast year Nothing's first phone, which is a brand recently created by Carl Pei, the former co-founder of the branch ofOppo, which is none other thanOnePlus. After leaving the brand in 2020, he wanted to embark on a new adventure.
Compared to other phone manufacturers operating underAndroid, Carl Pei is the one who comes closest to Apple's philosophy in terms of user experience. When he was atOnePlus, the brand offered an overlay ofAndroid(OxygenOS) much more fluid and refined than other brands. But after he left,OxygenOSmerged withColorOSofOppo, to the detriment of the minimalism so appreciated by usersOnePlus.
In any case, if humans attach great importance to ergonomics and refined interfaces,the same cannot be said for confidentiality. This is indeed what the founder of the messaging application confirmedTexts.
The app is not secure at all
Carl Pei announced the messaging app last weekNothing Chats. Its particularity is that for the first time, an Android messaging application would becompatible with iMessage.Nothing Chatshad beenadvertised as a secure applicationrespecting the privacy of its users,including end-to-end encryption. This announcement did not fail to provoke a reaction on the web, and in particular the team of the messaging applicationTexts, who wanted to verify Carl Pei's statements by analyzing theNothing Chatsfrom the inside.
After verification, Kishan Bagaria, who is the founder ofTexts, shared the results of the analysis carried out by his team, on the social network [X].According to him, the application is absolutely not secure and does not even meet minimum security standards.
No HTTPS
HTTPS (Hypertext Transfer Protocol Secure) encryption is very well known to the general public. If when you go to a site, and there is the small closed padlock in the address bar, then the HTTPS certificate is present and you are browsing a secure site. However, it sometimes happens that the padlock is open. In the latter case, browsers generally warn us that the site is not secure and that navigation is risky. Thus, Carl Pei's messaging application does not even meet this basic standard.
Nothing Chatsis also powered byBlueBubbles, an unreputable messaging service known for its lack of encryption.
A curious outcome for this story, we thought Carl Pei was more serious than that.
i-nfo.fr - Official iPhon.fr app
By : Keleops AG
