The other day, a rather curious event happened on the market quite quietly. Nothing has introduced the Nothing Chats application, which could be called just another instant messenger, but the point is that this application actually allows Android owners to exchange messages with iPhone owners via iMessage. And a few days later, this application was removed from the Google Store.
Nothing initially stated that this was done due to the discovery of several bugs that simply needed to be fixed. However, it seems that the real reason is something else, and it is worse.
Let us remind you that the interaction between the Android messenger and iMessage occurs on a third party. She is represented by the Sunbird company, which provides its platform through which the magic happens. However, it turned out that in terms of data security, this platform is apparently much worse than Sunbird itself stated. In particular, there is no end-to-end encryption.
The Sunbird platform, and therefore the Nothing Chats app, requires a new user of the app to submit their Apple ID credentials to set up syncing. This data is then authenticated on your behalf using a virtual machine running MacOS. The main problem is that the request containing user credentials occurs over an unencrypted channel (HTTP).
The situation as a whole is more complex and is fully described on the Text.Blog website, where several specialists explain how they discovered the problem and what it is. Among other things, they show that they can obtain users’ personal data.
Thus, in fact, Nothing may not be to blame for the situation, but whether the application will now return to the Google Store is an open question.
“Eliminate the password with best-in-class security keys.” New Google Titan Security Keys Unveiled
Google has introduced a new version of the Titan Security Key. The new product is already available for purchase at a price of $30.
In its press release, Google from the very first lines focuses on the fact that this solution allows you to abandon passwords.
Eliminate passwords and prevent attacks with best-in-class security keys that can store up to 250 unique access keys, and learn about our commitment to providing 100,000 keys to high-risk users worldwide by 2024
We are talking about free distribution of 100,000 such devices. Google says it and its partners will distribute the Titan Security Key to users around the world.
The new version of the dongle is available in two versions: USB-A and USB-C. The first one costs 30 dollars, but for some reason they ask for 35 dollars for the second one. Both versions have an NFC module for easy and fast connection to mobile devices.
Google Keys supports FIDO2, so can be used as a two-factor authentication solution.
Samsung Galaxy S23 was hacked twice in a day. Xiaomi 13 Pro couldn’t resist either
As part of the Pwn2Own event to find vulnerabilities in commercial products, white hat hackers managed to hack the Samsung Galaxy S23 twice in one day. But this smartphone is considered one of the most secure in terms of software.
According to the Zero Day Initiative, the Star Labs SG team hacked the Galaxy S23 using an allowed list of commands. For discovering and demonstrating the vulnerability, white hat hackers earned $25 thousand and 5 Master of Pwn points.
Pentest Limited received $50 thousand and 5 Master of Pwn points for demonstrating another vulnerability – incorrect input validation (this vulnerability can be used as an exploit).
Samsung has already received all the details about the discovered vulnerabilities – the company will close these holes in future security updates.
By the way, hackers tested not only the Galaxy S23 software for durability: Team Viettel and NCC Group hacked Xiaomi 13 Pro, for which they received 40 and 20 thousand dollars, respectively.
Firmware update improves stability and security of Samsung Galaxy S21 FE
This week, firmware was released for the Samsung Galaxy S21 FE smartphone in Europe and the USA, which should make the device more stable and safer. The new software includes the October Android security update, which patches 12 holes in the system, as well as a number of general improvements that should improve stability.
In the USA, the new firmware is available under the numbers G990USQS9EWI2 (for carrier smartphones) and G990U1UES9EWJ1 (for smartphones without carrier lock). In Europe, the firmware numbers are G990BXXS6EWJ1 and G990B2XXS5EWJ1.
Huawei has finally defeated American sanctions. Nova 12 Ultra will be the first smartphone with the Chinese Kirin SoC and a 5G modem
Due to American sanctions, Huawei was unable to produce smartphones with 5G modems for a long time – the company...
V8 power like a Bugatti Veyron: Hennessey Cadillac Escalade-V presented
Hennessey has increased the power of the Cadillac Escalade-V SUV to the level of the Bugatti Veyron (from 1001 hp)....
Unboxing and live photos of Redmi K70E – the first smartphone on SoC MediaTek Dimensity 8300-Ultra
Yesterday Redmi officially presented the budget sub-flagship Redmi K70E, and today an unboxing of the device appeared on the Internet....
World’s Largest Auto Workers Strike Costs General Motors $9.3 Billion
General Motors said its agreements with striking UAW and Canadian Unifor unions would increase costs by $9.3 billion through 2028....
News4 days ago
One of the large manufacturers of HDD components is closing the plant and laying off about 600 people
Laptops6 days ago
This is RedmiBook 16 2024. Xiaomi has published an image of a new inexpensive laptop
Electric Cars5 days ago
The candidates for the 2024 European Car of the Year title have been announced. China has the best chance of winning
Electric Cars6 days ago
A new car every 8 seconds. BYD, which has already stopped producing cars only with internal combustion engines, has released its 6 millionth NEV