Technology

59133 readers

2265 users here now

This is a most excellent place for technology news and articles.

Our Rules

Follow the lemmy.world rules.
Only tech related content.
Be excellent to each another!
Mod approved content bots can post up to 10 articles per day.
Threads asking for personal tech support may be deleted.
Politics threads may be removed.
No memes allowed as posts, OK to post as comments.
Only approved bots from the list below, to ask if your bot can be added please contact us.
Check for duplicates before posting, duplicates may be removed

Approved Bots

founded 1 year ago

MODERATORS

[email protected]

662

Nothing pulls its iMessage app from the Play Store following privacy disaster (www.androidpolice.com)

submitted 11 months ago by [email protected] to c/[email protected]

100 comments fedilink hide all child comments

Nothing Chats, a rival to apps like Beeper and AirMessage, advertised itself as a secure platform for sending messages to iMessage users.

However, less than 24 hours after its launch, investigations into the app revealed that Nothing Chats logged every message in plain text and stored unencrypted data, including text messages, images, videos, and more, making it a significant privacy and security risk.

The company removed the app from the Play Store following these complaints, citing "several bugs" that need fixing.

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 11 points 11 months ago* (last edited 11 months ago) (1 children)

I used to use Privacy.com and Mint until I did some looking into Plaid. They present a login screen that looks like your bank and you assume they're doing some kind of OAuth. Nope they're just taking your full banking credentials and you have to hope they're safe. I think Plaid is a ticking time bomb. When it gets hacked a lot of people will be in trouble.

[–] [email protected] 3 points 11 months ago (1 children)

Are you sure about Plaid? Because jesus I've signed in through Plaid many times.

[–] [email protected] 3 points 11 months ago* (last edited 11 months ago) (1 children)

Yep (and I had the same reaction).

From their privacy policy.

Data you provide to us. When you use Plaid’s products or services, like when you connect your financial accounts (like your bank accounts) to a developer’s app through Plaid, we may collect the following data from you:

identifiers like name, email address, and phone number;

login data when required by the provider of your account, like your username and password, account and routing number, or a security token.

when needed, data to help verify your identity and/or connect your accounts, including your Social Security number, date of birth, security questions and answers, documentary ID and one-time password (OTP).

https://plaid.com/legal/#consumers

Additional reading: https://security.stackexchange.com/questions/198005/is-plaid-a-service-which-collects-user-s-banking-login-information-safe-to-use

EDIT: And a lawsuit: https://www.ctvnews.ca/mobile/business/td-bank-files-lawsuit-against-plaid-accusing-it-of-trying-to-dupe-consumers-1.5145326

[–] [email protected] 2 points 11 months ago

Oh Lord. I have all my money in one account and have used Plaid on it. If it were to get hacked, I would be ruined lol. Not a lot of money but that's all I have.

Thanks so much for telling me this!