It’s fairly clear that iMessage for Android will not be going to be a straightforward activity, however one of many apps that attempted to do it (earlier than we discovered that it was a horrible safety nightmare), Sunbird, is giving it one other shot.
In a press launch, Sunbird has confirmed plans to relaunch its iMessage for Android companies beginning immediately.
Sunbird first hit the scene in 2022 with the promise of bringing iMessage to Android. The app launched in a non-public beta with a waitlist, however by no means made its solution to a complete lot of customers. In truth, it wasn’t till Nothing partnered with Sunbird to launch “Nothing Chats” that the service was broadly accessible.
Inside days of the launch of Sunbird-powered “Nothing Chats,” we reported on large safety issues with the app that included, amongst different issues, a whole bunch of 1000’s of items of user-shared media being relatively-easily accessible, in addition to messages being seen via the identical methodology as they have been despatched in real-time. It was… dangerous.
Days after the incident, Sunbird introduced that it will stop operations indefinitely.
Now, in some way, Sunbird has returned.
Sunbird says that invites to these on the waitlist will roll out in “small phases” beginning immediately, April 5.
In a press launch, Sunbird references Apple’s shutdown of Beeper’s “unauthorized entry” to iMessage and touts its platform which “gives a bridge between Android and Apple customers, enabling safe communication inside Apple’s ecosystem.”
The press launch itself doesn’t supply any clarification of what Sunbird has modified moreover committing “to providing a strong, safe, and unified messaging expertise.”
In an extra put up on its web site, Sunbird really goes into its “unencrypted HTTP protocol” safety points, and in addition denies that it was ever utilizing the “BlueBubblesApp” as a part of its infrastructure following some findings alongside the numerous safety issues. Sunbird says that, following final 12 months’s debacle, it took time to “completely reevaluate each our technical implementations and our organizational processes.”
So, has something modified?
Sunbird says that its “older structure” which used Firestore (part of Firebase) has been changed. The brand new “AV2” structure, Sunbird explains, makes use of “a MQTTS message dealer which is an OASIS normal for safe messaging.” The app can even now combine with RCS by way of Google Messages, like Nothing Chats was going to.
The corporate additional makes claims saying:
- Unencrypted messages are by no means saved anyplace on disk or in a database. When messages are decrypted to be handed to the iMessage and RCS/Google Messages community, they exist in that state solely inside reminiscence for a restricted time frame. Within the front-end app, messages are solely saved in an encrypted state inside the in-app database.
- Static information transmitted via the service are saved in safe cloud storage buckets which are encrypted in transit and at relaxation. They’re protected via permissioned URLs that stop unauthorized entry and are fully expunged from the Sunbird methods no later than 48 hours after sending or receiving them.
- All communication from the Sunbird app to the Sunbird API is protected on the transport layer, both via HTTPS or the MQTTS protocol.
- The MQTTS dealer is secured by way of strict entry management lists to make sure that customers are solely capable of entry dealer matters particularly assigned to them and no others.
- Additional, the contents of the message payload itself is encrypted on the software layer utilizing AES encryption with an encryption key managed fully by the shopper and solely held in reminiscence on the Sunbird facet. Messages circulation via the Sunbird system in an encrypted state and are solely decrypted (in reminiscence) for the time being of switch of messages to the native messaging platform.
Sunbird additionally provides that it has made organizational adjustments together with an “impartial safety consultancy,” CIPHER, in addition to Jared Jordan, a former Director of Engineering at Google for Gmail, who’s now a “formal advisor” to Sunbird (observe: Sunbird’s put up claims that Jordan is at the moment working at Google, however his LinkedIn profile, which Sunbird hyperlinks, says he left Google in March and now works with CapitalOne).
9to5Google’s Take
I, for one, am shocked that Sunbird is definitely attempting to make a comeback. Following the horrifying points found final 12 months, I used to be assured the corporate wouldn’t be capable of recuperate (and I’m nonetheless not satisfied they’ll earn anybody’s belief).
And whereas it’s nice to see Sunbird placing effort into fixing issues up, I’m nonetheless fairly cautious. A giant crimson flag, as talked about above, is that the corporate is claiming that their new advisor works for Google, when he really left that place (which he solely held for six months) earlier this week.
I gained’t be signing up for Sunbird’s waitlist, however I do hope that the corporate has really fastened its points.
Extra on iMessage for Android:
Comply with Ben: Twitter/X, Threads, and Instagram
FTC: We use earnings incomes auto affiliate hyperlinks. Extra.
