Active Stocks
Thu Nov 30 2023 12:13:43
  1. Reliance Industries share price
  2. 2,384.5 -0.67%
  1. Tata Motors share price
  2. 698.8 -1.87%
  1. Tata Steel share price
  2. 128.25 0.43%
  1. ICICI Bank share price
  2. 932.15 -0.77%
  1. HDFC Bank share price
  2. 1,545.45 -0.89%
Business News/ Technology / News/  THIS is why Nothing Chats app is withdrawn from PlayStore: All you need to know
Back Back

THIS is why Nothing Chats app is withdrawn from PlayStore: All you need to know

Nothing Chats, the messaging app from Nothing, has postponed its official launch after its beta version was taken down from Play Store due to security concerns.

For representation purposes only (NOTHING)Premium
For representation purposes only (NOTHING)

Nothing Chats, the messaging app from Nothing, faced a setback as its beta version was swiftly taken down from the Play Store just a day after its initial release. The company has opted to postpone the app's official launch, citing the need for further evaluation and improvement before proceeding.

The Nothing chat app had aimed to address the enduring texting challenges between Android and iPhones by offering support for both RCS and iMessage, intending to bridge the communication gap. Nonetheless, critics have expressed apprehensions regarding potential security risks linked to these proposed solutions.

As per a report by Gadgets Now, the decision to take down the app followed users sharing a blog post from The post revealed that messages sent through Sunbird's system, the foundation of the app, lack end-to-end encryption, making them susceptible to easy compromise.

Reportedly,'s reverse engineering team uncovered that Sunbird and Nothing Chats mandated users to transmit their Apple ID credentials to their servers. The team identified multiple security concerns, such as the transmission of critical credentials over an unencrypted channel (HTTP). Despite Sunbird asserting ISO27001 certification, the investigation revealed misleading information from the company regarding end-to-end encryption.

While messages directed to Sunbird's servers were encrypted, the JSON Web Tokens (JWT) were transmitted without encryption to another Sunbird server, exposing them to potential interception, adds the report.

Subsequently, the messages underwent decryption and were stored on Sunbird's servers, rendering them susceptible to unauthorized access. managed to intercept JWTs, providing them access to the Firebase real-time database and user information with just 23 lines of code.

Sunbird clarified that HTTP is exclusively employed for the initial request from the app to the back-end, serving to notify it of the impending iMessage connection.

The app made its beta debut on the Play Store on Tuesday following its announcement earlier this week.


Milestone Alert!
Livemint tops charts as the fastest growing news website in the world 🌏 Click here to know more.

Catch all the Technology News and Updates on Live Mint. Download The Mint News App to get Daily Market Updates & Live Business News.
More Less
Updated: 20 Nov 2023, 06:00 PM IST
Next Story footLogo
Recommended For You
Switch to the Mint app for fast and personalized news - Get App