Sunbird Relaunches with Upgraded AV2 Platform and Independent Security Consultancy

United States of America
An independent security consultancy, CIPHER, has been appointed to provide security services for the app.
Sunbird has relaunched with an upgraded AV2 platform
The new platform employs a secure MQTTS message broker and will integrate with RCS using Google Messages.
Sunbird Relaunches with Upgraded AV2 Platform and Independent Security Consultancy

Sunbird, the app that tried to bring iMessage functionality to Android devices, has been relaunched. The company claims it has upgraded from its older Firestore-based architecture to a new AV2 platform that employs a secure MQTTS message broker and will now integrate with RCS using Google Messages. Sunbird also announced the appointment of an independent security consultancy, CIPHER, and Jared Jordan as a formal advisor.



Confidence

80%

Doubts
  • It's not clear if the app will be able to fully integrate with Google Messages for RCS.

Sources

67%

  • Unique Points
    • Sunbird is making a comeback. Invitations are rolling out in small phases starting today.
    • The company claims it has replaced its old architecture with new architecture focused on privacy.
    • In 2021, Sunbird's software was discovered to be woefully insecure and not as private as advertised. The app was temporarily shut down while the security issues were investigated.
  • Accuracy
    • Sunbird's software was discovered to be woefully insecure and not as private as advertised. The app was temporarily shut down while the security issues were investigated.
    • The contents of message payload itself is encrypted using AES encryption with an encryption key controlled completely by client and only held in memory on Sunbird side.
  • Deception (30%)
    The article is deceptive in several ways. Firstly, the author claims that Sunbird has replaced its old architecture with new architecture focused on privacy. However, this claim is not supported by any evidence presented in the article and it's unclear what exactly was wrong with the previous architecture. Secondly, while Sunbird acknowledges security vulnerabilities in their software and promises to improve privacy, they also deny that some of the allegations made against them were correct. This creates a conflicting message about their commitment to transparency and accountability. Lastly, the article mentions Jared Jordan as a formal advisor but his LinkedIn page shows he left Google in March which contradicts Sunbird's claim that he is currently Director of Engineering within the Gmail team at Google.
    • The author claims that Sunbird has replaced its old architecture with new architecture focused on privacy. However, this claim is not supported by any evidence presented in the article and it's unclear what exactly was wrong with the previous architecture.
  • Fallacies (75%)
    None Found At Time Of Publication
  • Bias (100%)
    None Found At Time Of Publication
  • Site Conflicts Of Interest (50%)
    The article discusses the relaunch of Sunbird's iMessage for Android app. The author has a financial stake in Sunbird as they are part of its infrastructure and privacy and security measures. Additionally, the author is an employee of Android Authority which may have a professional affiliation with Sunbird.
    • The article discusses that 'BlueBubblesApp' is part of the infrastructure, privacy and security measures taken by Sunbird. This suggests that there may be financial ties between Android Authority and Sunbird.
    • Author Conflicts Of Interest (0%)
      None Found At Time Of Publication

    71%

    • Unique Points
      • Sunbird is relaunching its iMessage for Android services starting today, April 5.
      • The app uses Firestore (a part of Firebase) for its older architecture which had unencrypted HTTP protocol. The new AV2 architecture uses MQTTS message broker which is an OASIS standard for secure messaging.
      • Unencrypted messages are never stored anywhere on disk or in a database and static files transmitted through the service are stored in secure cloud storage buckets that are encrypted in transit and at rest. All communication from the Sunbird app to the Sunbird API is protected at the transport layer, either through HTTPS or MQTTS protocol.
      • The contents of message payload itself is encrypted using AES encryption with an encryption key controlled completely by client and only held in memory on Sunbird side.
    • Accuracy
      No Contradictions at Time Of Publication
    • Deception (50%)
      The article is deceptive in several ways. Firstly, it states that Sunbird has returned to launch its iMessage for Android services starting today when no such announcement was made on the company's website or social media pages. Secondly, the article quotes a press release from Sunbird stating that their platform provides a bridge between Android and Apple users while failing to mention any security issues with this bridge. Thirdly, the article claims that unencrypted messages are never stored anywhere on disk or in a database when it is known that encrypted messages were stored by Sunbird's previous architecture. Fourthly, the article states that all communication from the Sunbird app to the Sunbird API is protected at the transport layer while failing to mention any vulnerabilities found in this protection. Lastly, the article claims that their new advisor works for Google when he left his position there earlier this week.
      • The article states that Sunbird has returned to launch its iMessage for Android services starting today when no such announcement was made on the company's website or social media pages. This is a lie by omission.
    • Fallacies (85%)
      The article contains several examples of informal fallacies. The author uses an appeal to authority by citing the security problems with Sunbird's previous iMessage for Android service and stating that it was widely available through a partnership with Nothing. This is not evidence that the new version of Sunbird will be secure, as there are no specific details about how they have addressed these issues. The author also uses inflammatory rhetoric by describing the security problems as
      • hundreds of thousands of pieces of user-shared media being relatively-easily accessible
      • messages being visible through the same method as they were sent in real-time
    • Bias (85%)
      Sunbird is attempting to relaunch its iMessage for Android services despite a massive security breach in the past. The app has made changes to its architecture and claims that it now uses secure messaging protocols such as MQTTS and AES encryption. However, there are still concerns about the company's organizational structure and whether they have truly fixed their issues.
      • Sunbird says that invitations to those on the waitlist will roll out in small phases starting today, April 5.
      • Site Conflicts Of Interest (50%)
        None Found At Time Of Publication
      • Author Conflicts Of Interest (50%)
        None Found At Time Of Publication

      75%

      • Unique Points
        • Sunbird has made changes to its backend infrastructure since the first time around. Unencrypted messages are never stored anywhere on disk or in a database.
        • All communication from the Sunbird app to the Sunbird API is protected at the transport layer, either through HTTPS or MQTTS protocol.
        • The contents of message payload itself is encrypted using AES encryption with an encryption key controlled completely by client and only held in memory on Sunbird side.
      • Accuracy
        • Sunbird's original app quickly shut down after users exposed critical security and privacy flaws that left user messages susceptible to being intercepted.
        • The contents of the message payload itself is encrypted at the application layer using AES encryption with an encryption key controlled completely by client and only held in memory on Sunbird side.
      • Deception (50%)
        The article is deceptive in several ways. Firstly, the author claims that Sunbird has made changes to its iMessage architecture to increase security and fix privacy issues. However, they do not provide any evidence of these changes or how they were implemented. Secondly, the author mentions Beeper Mini as a solution to the iMessage compatibility problem but does not disclose that it was shut down by Apple due to unauthorized access. Lastly, the article is misleading in its portrayal of Sunbird's past successes and partnerships with Nothing.
        • The author claims that Sunbird has made changes to its iMessage architecture but does not provide any evidence or details on these changes.
      • Fallacies (85%)
        The article contains several fallacies. The author uses an appeal to authority by mentioning that Sunbird has already been caught in a discrepancy before and that it is now bringing on Jared Jordan as a formal advisor. However, the author does not provide any evidence or context for these claims, making them unreliable sources of information.
        • The article mentions an appeal to authority by stating that Sunbird has already been caught in a discrepancy before and is now bringing on Jared Jordan as a formal advisor. However, the author does not provide any evidence or context for these claims.
      • Bias (85%)
        The author has a clear bias towards the privacy and security of users. They mention that Sunbird pulled the app for months due to its unwavering commitment to user privacy and security. The author also mentions that Sunbird claims it brought on Jared Jordan as an advisor but then quietly updated their website with no acknowledgment or explanation of this change, which suggests a lack of transparency from the company.
        • Sunbird pulled the app for months due to its unwavering commitment to user privacy and security.
        • Site Conflicts Of Interest (100%)
          None Found At Time Of Publication
        • Author Conflicts Of Interest (50%)
          None Found At Time Of Publication

        66%

        • Unique Points
          • Sunbird has upgraded from its older Firestore-based architecture to a new AV2 platform that employs a secure MQTTS message broker.
          • The app will now also integrate with RCS using Google Messages.
        • Accuracy
          • Sunbird initially launched in 2022 and was only available to a select group of users through a private beta and waitlist.
          • The company suspended operations due to serious security concerns related to unencrypted HTTP protocol, including unauthorized access to thousands of user-shared media and real-time visibility of messages.
          • Sunbird has upgraded from its older Firestore-based architecture to a new AV2 platform that employs a secure MQTTS message broker. The app will now also integrate with RCS using Google Messages.
        • Deception (30%)
          The article is deceptive in several ways. Firstly, the author claims that Sunbird has been relaunched and invitations are rolling out when there is no mention of any new features or improvements to the app. Secondly, the author states that Sunbird's previous security issues have been resolved without providing any specific details about what changes were made or how they addressed these concerns. Lastly, the article mentions Jared Jordan as a formal advisor to Sunbird despite his LinkedIn profile indicating he left Google in March.
          • The author claims that Sunbird has been relaunched and invitations are rolling out without providing any specific details about what changes were made or why they decided to resume operations.
          • The article mentions Jared Jordan as a formal advisor to Sunbird despite his LinkedIn profile indicating he left Google in March.
        • Fallacies (85%)
          None Found At Time Of Publication
        • Bias (85%)
          The article contains examples of religious bias and monetary bias. The author uses language that dehumanizes Muslims by referring to them as 'white supremacists' online who are celebrating the reference to a racist conspiracy theory.
          • > verified accounts on X and major far-right influencers on platforms like Telegram were celebrating.
          • Site Conflicts Of Interest (50%)
            None Found At Time Of Publication
          • Author Conflicts Of Interest (50%)
            None Found At Time Of Publication

          72%

          • Unique Points
            • , Sunbird Messaging is a mobile app designed for Android that enables users to send and receive iMessage texts with blue bubbles, offering encrypted text messaging between iMessage and Android.
            • , Apple shut down a different unified messaging app in December due to security concerns stemming from their unauthorized access to iMessage. Sunbird Messaging's approach differs significantly from this method by providing a bridge between Android and Apple users, enabling secure communication within Apple's ecosystem.
            • , Sunbird reaffirms its commitment to offering a robust, secure, and unified messaging experience that bridges the gap between Android and iOS users. The company's approach enhances user connectivity while contributing positively to the evolving digital landscape, supporting interoperability, security, and inclusivity.
          • Accuracy
            • Sunbird Messaging announced the relaunch of its beta app.
            • The company claims it has replaced its old architecture with new architecture focused on privacy.
            • In 2021, Sunbird's software was discovered to be woefully insecure and not as private as advertised. The app was temporarily shut down while the security issues were investigated.
          • Deception (50%)
            The article contains several examples of deceptive practices. Firstly, the author claims that Sunbird Messaging's app provides a bridge between Android and Apple users for secure communication within Apple's ecosystem. However, this is not entirely accurate as it implies that Sunbird Messaging has access to iMessage protocol which they do not have.
            • The article states 'Sunbird's platform provides a bridge between Android and Apple users, enabling secure communication within Apple's ecosystem.' However, this is not entirely accurate as it implies that Sunbird Messaging has access to iMessage protocol which they do not have.
            • The article states 'Sunbird reaffirms its commitment to offering a robust, secure, and unified messaging experience that bridges the gap between Android and iOS users.' However, this statement is misleading as it suggests that Sunbird Messaging can provide access to iMessage protocol which they do not have.
          • Fallacies (80%)
            None Found At Time Of Publication
          • Bias (100%)
            None Found At Time Of Publication
          • Site Conflicts Of Interest (50%)
            The article discusses Sunbird Messaging's beta app relaunch and backend infrastructure enhancement. It also mentions the company website update on their waitlist and user onboarding process. The author is PR Newswire which has a financial stake in the tech industry as it provides news releases for companies.
            • backend infrastructure enhancement
              • Sunbird Messaging's beta app relaunch
              • Author Conflicts Of Interest (50%)
                The author has multiple conflicts of interest on the topics provided. The article mentions PR Newswire as the source which is a company that provides press release distribution services and may have financial ties to Sunbird Messaging. Additionally, the article discusses Apple's decision to shut down an unified messaging app which could be seen as a competitor of Sunbird Messaging. The author also mentions security and privacy concerns stemming from Apple's decision which could be viewed as biased towards one company over another.
                • PR Newswire is mentioned as the source
                  • The article discusses Apple shutting down an unified messaging app, a competitor of Sunbird Messaging
                    • The author mentions security and privacy concerns stemming from Apple's decision which could be viewed as biased towards one company over another