• AutoTL;DRB
    link
    English
    61 year ago

    This is the best summary I could come up with:


    We immediately flagged Sunbird as a company that had been making empty promises for almost a year and seemed negligent about security.

    The initial sales pitch for this app—that it would log you into iMessage on Android if you handed over your Apple username and password—was a huge security red flag that meant Sunbird would need an ultra-secure infrastructure to avoid disaster.

    Both 9to5Google and Text.com (which is owned by Automattic, the company behind WordPress) uncovered shockingly bad security practices.

    Text.com released a proof-of-concept app that could fetch your supposedly end-to-end encrypted messages from Sunbird’s servers.

    Batuhan Içöz, a product engineer for Text.com, also released a tool that will delete some of your data from Sunbird’s servers.

    Içöz reccomends that any Sunbird/Nothing Chat users change their Apple IDs now, revoke Sunbird’s session, and “Assume your data is already compromised.”


    The original article contains 408 words, the summary contains 139 words. Saved 66%. I’m a bot and I’m open source!

  • @Gilles_D@feddit.de
    link
    fedilink
    English
    11 year ago

    Not only was it rendered useless in the long term (RCS), it was also dangerous to use it all along. I guess that’s something, nothing?