Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 


Forgot your password?
Close
typodupeerror
×
Encryption Privacy

Sunbird is Shutting Down Its iMessage App for Android (theverge.com) 12

Posted by msmash from the tough-luck dept.
Sunbird, the app that brings iMessage to Android, has temporarily shut down the service over "security concerns." From a report: In a notice to users, Sunbird says it has "decided to pause Sunbird usage for now" while it investigates reports that its messages aren't actually end-to-end encrypted. Sunbird launched in 2022 as a messaging app that attempts to put the blue versus green bubble battle to rest. It has only been available to those who sign up for its waitlist, touting numerous privacy features, like end-to-end encryption, no message data collection, and no ads.

Last week, Sunbird partnered with Nothing, the phone brand owned by OnePlus co-founder Carl Pei, on the launch of Nothing Chats. The Sunbird-powered messaging service is supposed to let owners of the Phone 2 send texts via iMessage, but it was pulled from the Google Play Store just one day after its launch. At the time, Nothing said it had to fix "several bugs" within the app. However, its removal from the Play Store came around the same time a post from Texts.blog revealed that messages sent via Sunbird may not be end-to-end encrypted.
This discussion has been archived. No new comments can be posted.

Sunbird is Shutting Down Its iMessage App for Android More

Sunbird is Shutting Down Its iMessage App for Android

Comments Filter:
  • Comment removed based on user account deletion

    • This is why you do a security audit, including a 3rd party review from a security audit specialist BEFORE you ship. Qualys and other companies who regularly do this are more than happy to take some money to show you just how completely and utterly you fucked up on security, with a nice list of deficiencies and suggested remediations.

      So congratulations on saving that one-time 5-digit sum of money - now you get to shutter your entire platform until you've spent that 5-digit sum of money anyway, all while the

      • This is why you do a security audit, including a 3rd party review from a security audit specialist BEFORE you ship.

        Problem is, as numerous folks were quick to point out when Nothing announced this feature, it is impossible for a 3rd party to implement iMessage on Android in a secure manner. As Apple will never give such a service their blessing, it's always going to involve using hacky means of gaining access to iMessage (running multiple macOS instances in VMs is how it's typically accomplished). Such an implementation will always require your credentials and will retain unencrypted copies of anything you send/receiv

        • Sure. But there's inherent security issues that can be documented and trust can be built up; and then there's bone-headed dipshittery such as what is on display here - using HTTP instead of HTTPS for credential exchange, storing sensitive data in 3rd party publicly accessible databases (Google FireBase), etc.

          Sometimes you can get away with imperfect security if you have client trust. Sunbird has none and has actively shown they are completely clueless in an incredibly public way, which means they never wi

        • Comment removed based on user account deletion

  • Funny, they did that yesterday, too. https://it.slashdot.org/story/... [slashdot.org]

    • Re: (Score:2)

      by aitikin ( 909209 )

      To be fair (queue a Letterkenny gif), yesterday's was specifically about the downstream app, "Nothing Chats," where as this article is about the Sunbird specific app and service. Guessing that Nothing Chats's launch is what shone a light on the security failures inherent to Sunbird's service, but they are technically different.

      Analogously, the post from your link is like saying Red Hat closed down, and this post is saying Linux closed down.

      • Re: (Score:2)

        by ratbag ( 65209 )

        Nope, yesterday's story had "the Sunbird app, which Nothing Chat is a clone of, was put "on pause." in the summary.

    • Re: (Score:2)

      by tlhIngan ( 30335 )

      Actually, yesterday it was about Nothing's app, which was based on the Sunbird app. Nothing is a phone manufacturer.

      Today's story, while nearly identical, is about Sunbird's app. This is considered to be the first sort of response by Sunbird themselves.

      The funny thing is, there's a third app that does the same thing but it's been around a long while already.

  • Carl Pei Nothing Chats

    ( It wasn't supposed to be on a single line, he said, and he never went back to get it fixed. The next batch better be perfect he muttered but it didn't matter

  • Why "may"? Isn't it rather trivial to find out without any doubt?

  • Try https://www.beeper.com/ [beeper.com] Uses a different system, seems legit and secure. Anyone have experience with it?

Slashdot Top Deals

Suggest you just sit there and wait till life gets easier.

Close