Get all your news in one place.
100’s of premium titles.
One app.
Start reading
TechRadar
TechRadar
Alex Blake

Nothing tried to outdo Apple’s RCS; instead it created a privacy disaster

A hand holding a phone that's running Nothing Chats.

Apple has announced that it will start supporting RCS in its Messages app after many years of holding out. But, shortly before Apple's revelation, phone maker Nothing launched an alternative solution – and it's turned out to be a privacy and security disaster.

Called Nothing Chats, in theory it would have allowed Android users to have an iMessage-like experience when talking to Apple users, with blue text bubbles in place of the green ones currently shown if someone is messaging from Android. It wouldn’t have replicated some other iMessage features, though, like editable texts.

However, there was a serious problem with Nothing Chats: it was a privacy nightmare. In order to use it, you needed to hand over your iCloud login details, with no guarantee that this information would be safely stored by Nothing or Sunbird, the company that developed Nothing Chats.

Things got worse when it was revealed by developer Dylan Roussel (via AppleInsider) that Sunbird had access to every single message sent using the service, including texts, images, videos and more. It achieved this by abusing the Senty error-detection tool: instead of using it to log errors, Sunbird used it to capture entire messages and then pretend that they were errors.

A security nightmare

(Image credit: Shutterstock / DenPhotos)

It didn’t end there. As further detailed by Roussel, anyone could access these messages, and Nothing Chats hadn’t implemented any kind of end-to-end encryption at all – despite claiming that it had.

The lack of attention paid to security and privacy concerns is quite incredible given the size of Nothing, and the numbers of customers it presumably sought to attract to Nothing Chats. Roussel called it “probably the biggest ‘privacy nightmare’ I’ve seen by a phone manufacturer in years.”

These lapses led to the Nothing Chats app being pulled from the Google Play Store over the weekend, a rapid and ignominious demise for what Nothing founder Carl Pei originally called a “naughty idea.” As per Europe’s GDPR privacy statue, Sunbird now has 72 hours to notify potential victims after being made aware of the app’s problems.

If there’s one thing Apple does extremely well, it’s protect its users privacy. We don’t yet know exactly how Apple will incorporate RCS into its Messages app, but it’s a good bet that it’ll be a more competent rollout than Nothing Chats.

You might also like

Sign up to read this article
Read news from 100’s of titles, curated specifically for you.
Already a member? Sign in here
Related Stories
Top stories on inkl right now
One subscription that gives you access to news from hundreds of sites
Already a member? Sign in here
Our Picks
Fourteen days free
Download the app
One app. One membership.
100+ trusted global sources.