Nothing Chats taken down just a day after its beta release, users raise security concerns

Nothing Chats, an app that allowed Nothing Phone 2 users to send and receive iMessages, was pulled from the Play Store after it was discovered to have a number of serious security vulnerabilities.

The app was launched on November 17, 2023, and security concerns were raised within hours of its launch. It was discovered that messages were sent in plain text, that media and other attachments were publicly accessible, and that Sunbird, the company that powers the Nothing Chats app, had access to messages and attachments sent from Nothing Chats.

Nothing pulled the app from the Play Store on November 18, 2023, and said that it would be “delayed until further notice” so the company could “work with Sunbird to fix several bugs.”

We've removed the Nothing Chats beta from the Play Store and will be delaying the launch until further notice to work with Sunbird to fix several bugs.

We apologise for the delay and will do right by our users.

— Nothing (@nothing) November 18, 2023

Many users have taken to Twitter to express their concerns about the security vulnerabilities of Nothing Chats. Some users have expressed frustration that Nothing would classify such serious issues as “bugs.”

“Are we now classifying data privacy issues as ‘bugs’?” one user tweeted. “No end-to-end encryption is not a bug; it’s a huge privacy issue,” another user added.

While others have expressed hope that Nothing will be able to address the security concerns and relaunch the app soon, one user said:

“Great decision! After all, this app was in beta, but it certainly felt like alpha to many who struggled to even get the app set up, let alone to get messaging functional. I do hope security fixes are also top of mind here when it returns to the Play Store.”

It remains to be seen if Nothing Chats can recover from the setback. The company needs to regain the trust of its users.