During that time, Cryptocat had a score of 7 out of 7 points on the scorecard. Ĭryptocat was listed on the Electronic Frontier Foundation's "Secure Messaging Scorecard" from 4 November 2014 until 13 March 2016. In November 2013, Cryptocat was banned in Iran, shortly after the election of Iran's new president Hassan Rouhani who had promised more open Internet laws. In June 2013, Cryptocat was used by journalist Glenn Greenwald while in Hong Kong to meet NSA whistleblower Edward Snowden for the first time, after other encryption software failed to work. This feature was disconnected in November 2015. According to the developers, the feature was meant to help offer an alternative to the regular Cryptocat chat model which did not offer long-term contact lists. Originally in 2013, Cryptocat offered the ability to connect to Facebook Messenger to initiate encrypted chatting with other Cryptocat users. Cryptocat also employs a Trust on first use mechanism in order to help detect device identity key changes.Ĭryptocat also includes a built-in auto-update mechanism that automatically performs a signature check on downloaded updates in order to verify authenticity, and employs TLS certificate pinning in order to prevent network impersonation attacks. Cryptocat users link their devices to their Cryptocat account upon connection, and can identify each others' devices via the client's device manager in order to prevent man-in-the-middle attacks. All devices linked to Cryptocat accounts will receive forward secure messages, even when offline.Īll messages, files and audio/video recordings sent over Cryptocat are end-to-end encrypted. Users can exchange one-to-one messages, encrypted files, photos as well as create and share audio/video recordings, and in the future will be able to send group messages. FeaturesĬryptocat allows its users to set up end-to-end encrypted chat conversations. The new desktop-centric approach allowed Cryptocat to benefit from stronger desktop integration, in a style similar to Pidgin. In March 2016 Kobeissi announced the re-release of Cryptocat, rewritten completely as desktop software instead of the original web application software, as a public beta and the resumption of the service. In February 2016, citing dissatisfaction with the project's current state after 19 months of non-maintenance, Kobeissi announced that he would be taking Cryptocat temporarily offline and discontinuing the development of its mobile application, pending a complete rewrite and relaunch of the software. In response, Cryptocat made improvements to user authentication, making it easier for users to authenticate and detect man-in-the-middle attacks. In February 2014, an audit by iSec Partners criticized Cryptocat's authentication model as insufficient. In response, Cryptocat issued a security advisory, requested that all users ensure that they had upgraded, and informed users that past group conversations may have been compromised. Private messages were not affected, and the bug had been resolved a month prior. In June 2013, security researcher Steve Thomas pointed out a security bug that could be used to decrypt any group chat message that had taken place using Cryptocat between September 2012 and April 19, 2013. He tweeted about the incident afterwards, resulting in media coverage and a spike in the popularity of the software. border by the DHS and questioned about Cryptocat's censorship resistance. In June 2012, Kobeissi said he was detained at the U.S.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |