- Nothing Chats, a rival to apps like Beeper and AirMessage, advertised itself as a secure platform for sending messages to iMessage users.
- However, less than 24 hours after its launch, investigations into the app revealed that Nothing Chats logged every message in plain text and stored unencrypted data, including text messages, images, videos, and more, making it a significant privacy and security risk.
- The company removed the app from the Play Store following these complaints, citing “several bugs” that need fixing.
I used to use Privacy.com and Mint until I did some looking into Plaid. They present a login screen that looks like your bank and you assume they’re doing some kind of OAuth. Nope they’re just taking your full banking credentials and you have to hope they’re safe. I think Plaid is a ticking time bomb. When it gets hacked a lot of people will be in trouble.
Are you sure about Plaid? Because jesus I’ve signed in through Plaid many times.
Yep (and I had the same reaction).
From their privacy policy.
https://plaid.com/legal/#consumers
Additional reading: https://security.stackexchange.com/questions/198005/is-plaid-a-service-which-collects-user-s-banking-login-information-safe-to-use
EDIT: And a lawsuit: https://www.ctvnews.ca/mobile/business/td-bank-files-lawsuit-against-plaid-accusing-it-of-trying-to-dupe-consumers-1.5145326