Want to share with your friends too?

Science
01 May 2017

Nomx email server's tall claims fall flat under scrutiny

Nomx poses as the best, gets quashed

Nomx unique sales pitch says that their servers provide comprehensive security as they use the "world's most secure communications protocol" to ensure that their users are totally safe from cyber attacks.

It sounds like something, one should consider buying, as cyber-security threats are on the rise.

However, you may avoid this one because its claims are just empty boasts.

Here's how the story goes.

In context

Nomx poses as the best, gets quashed
A peek behind the curtain

Suspicion

A peek behind the curtain

There is always a nagging suspicion when someone starts talking in hyperboles to suggest that they are the best without any solid data to back up the claim.

You may argue, that's called marketing; but when it's about cyber-security, that is a serious claim.

Thus a BBC Click investigation team decided to find out if this was indeed the real deal.

About them

Claims in abundance, truth in short supply

In the about section, Nomx looks pretty impressive.

They have a "massive Intellectual Property portfolio," which is a good thing to have in hand.

They also have "trade secrets in the cyber-security market," which is really comforting.

The tagline reads "everything else is insecure," which evokes confidence, I admit.

However, all it took was a nerd, a computer and few hours to bust it.

Love Tech news?

Stay updated with the latest happenings.

Notify Me

What the investigation revealed

Bugs

What the investigation revealed

Nomx's personal email server is going to set you back with $199 - $399 (Rs. 12,790-25,645) and you would feel cheated, knowing that it was built around a Rs. 2497 Raspberry Pi computer.

The software's on-board were years old and had unpatched security bugs.

To crack their so called sophisticated server you don't need to be a genius, because the default password was "password."

Be aware

Always try before you buy

After all the tinkering around, the investigation team found Nomx aka "overpriced and outdated mail server" had the "most insecure PHP applications" and they were "horrified" by the almost primitive approach to security.

This incident would probably serve as a reminder to individuals or firms looking for secure digital solutions, so that, they at least look under the hood before shelling out big bucks.

The strange rebuttal

Overconfidence

The strange rebuttal

Sure enough, Nomx did write back to the investigation team explaining that the threats which the team had posed were too advanced and therefore "non-existent for our users."

Moreover, "To date, no Nomx account has been compromised" which is like saying buy this expensive machine with outdated software and really fudged up security parameters and pray that you don't get compromised.

Ask NewsBytes
User Image

Next Timeline