Nothing Chats, a rival to apps like Beeper and AirMessage, advertised itself as a secure platform for sending messages to iMessage users.
However, less than 24 hours after its launch, investigations into the app revealed that Nothing Chats logged every message in plain text and stored unencrypted data, including text messages, images, videos, and more, making it a significant privacy and security risk.
The company removed the app from the Play Store following these complaints, citing “several bugs” that need fixing.
I imagine Nothing’s Infosec team must be terrible or non-existent. Any half decent infosec team would immediately raise red flags and pull in the legal dept as soon as they heard “let’s let our customers give their iCloud credentials to a small vendor we just hired.”
Really? Nobody did an arch review for this and figured this was going to be caught/uncovered/talked about day one?
I imagine Nothing’s Infosec team must be terrible or non-existent. Any half decent infosec team would immediately raise red flags and pull in the legal dept as soon as they heard “let’s let our customers give their iCloud credentials to a small vendor we just hired.”
… be over-ridden by a Chief Product Officer who says ‘[something something] for now’ .