Encrypted Chat App 'Cryptocat' Launches on iOS

Discussion in 'iOS Blog Discussion' started by MacRumors, Mar 4, 2014.

  1. macrumors bot


    Apr 12, 2001

    Open source web and Mac application Cryptocat is now available on iOS. Designed to allow secure online chatting, the app encrypts chat messages to allow users to have single and group conversations that are secure and unable to be intercepted or monitored.

    Unlike other secure chat apps, including Confide, Cryptocat does not require usernames, email addresses, or accounts to use, with users entering a one-time nickname to chat. There are also no buddy lists or account history, making conversations ephemeral.

    According to the developers, Cryptocat is a native iPhone application that uses iOS APIs rather than web cryptography, but it is designed to work seamlessly with other Cryptocat clients. Along with an iOS app, Cryptocat is also available for the Mac and as a browser extension for Chrome, Firefox, and Safari.

    Cryptocat was originally announced for iOS in December, but the app was initially rejected by Apple, a decision that has since been reversed. According to the app's developer, who spoke to The Verge, the issues with Apple have been resolved.
    Cryptocat can be downloaded from the App Store for free. [Direct Link]

    Article Link: Encrypted Chat App 'Cryptocat' Launches on iOS
  2. Guest

    Sky Blue

    Jan 8, 2005
  3. macrumors 65816


    Jun 13, 2013
    More secure then the encrypted iMessage?
  4. macrumors 6502a


    Jun 12, 2009
    iMessage is vulnerable to man in the middle. Just google iMessage and nsa.
  5. macrumors 68040


    Jul 31, 2005
    No usernames? Fuggedaboutit.
  6. macrumors 68040

    Feb 2, 2008
    BS, just google anything and you'll find support for it.
  7. macrumors 6502a


    Jun 12, 2009
    iMessage is not true end to end encryption, and this is not a "someone said" it's a big world wide news story taken up by the biggest computer news networks.
  8. macrumors 68040

    Feb 2, 2008
  9. macrumors 68040


    Oct 1, 2010
    I was wondering that too....
  10. macrumors 68000


    Jun 21, 2007
    On The Interweb Thingy!
    Your discussion with 'The Wife' about what's for dinner isn't of national importance. Just use iMessage. :cool:
  11. macrumors regular

    Aug 28, 2003
    Zurich, Switzerland
    They don't offer a public encryption validation service like Threema does, do they?
  12. macrumors 6502


    Feb 11, 2011
    Ottawa, Canada
    Threema is by far my fav to date.
  13. macrumors 68000

    Cuban Missles

    Dec 6, 2012
    My heart is in Camagüey, the rest in the USA
    I'm content with iMessage. Don't see the need for another app. I understand that if you are talking to someone not an iPhone you may want an app that is more secure than SMS, but I just try not to message anyone that fails to have an iPhone. :D
  14. macrumors P6

    Oct 17, 2011
    And probably the most expensive.
  15. macrumors 6502a

    Sep 24, 2013
  16. macrumors 6502a


    Nov 28, 2007
    I'm sure iMessage uses "NSA approved" encryption, anyway. I'd like to think differently, but I'm yet to see the case for ANY encryption that wasn't "approved" by NSA and therefore vulnerable.

    iMessage would be enough for me if there was functioning encryption.

    So what does Cryptocat offer iOS & Mac owners? The ability to chat securely to non-iOS and Mac owners? Some appeal, I guess.

    How do we know Cryptocat encryption is good. Anybody read the terms of service?

    What servers are they using, and how vulnerable are they? Chat servers are not a cheap thing to set up. Cheaper than video servers, but still a substantial exercise and I'm yet to see a revenue model.

    Just as snapchat was found to be keeping everything, have we done our due diligence on this? And can their funding be traced back to the State Department?

    Just asking, Honeypot.
  17. macrumors regular

    Jan 7, 2003
    Sydney, Australia
    I can see how the extremely paranoid, or those on the shadier side of the law, would go for this. Anything by a big corporation is already suspect in their eyes, even a service like BBM.
    To be fair, the NSA and various other 3-letter agencies are doing their best to thwart privacy and secrecy "in the national interest", forcing US companies like Skype/Microsoft to put in backdoors. And being a non-US citizen, even the supposed safeguards against spying on US citizens which they obviously haven't been adhering to, is not an issue for them. They believe in "big data", scouring up as much data as possible, regardless of how relevant at the time, "just in case".
    But for most of us, in the West at least, it is not a concern, esp as iMessage's end-to-end encryption is good enough, whether or not the NSA has a backdoor, which really comes down to whether you trust Apple's commitment to our privacy and assurances even they can't read them (whether or not it is "theoretically" possible as has been shown) and their strong assurance the government would have to cart away their servers to get at it. But on the whole, we mainly care about cyber criminals stealing our personal details, and to that end, iMessage is all we need or want AS LONG AS the recipient has an iPhone. Which is where all those myriad of other messenger apps come in.

    This one lives on the Paranoid end of the spectrum, which is fair enough. Esp for those not fortunate enough to live in a fairly free country where you live without fear of persecution for things like your religious or political beliefs, ethnicity or sexual orientation, either of which might get you life in a prison camp, or torture and death. In various countries like China, which probably wouldn't allow an app like this anyway, it is a genuine concern, there are good sound reasons to be paranoid if you are in a group they disapprove of, say from Tibet or member of Falun Gung or a Democracy group.
  18. macrumors 68030


    Jul 7, 2009
    How are they distributing keys? Are they using one shared key for all encryption? If so, it's useless, it wouldn't take long for someone to go through the app and get the key. Can't make a session by session key without some way to distribute the key; which can be monitored. Almost every Public Key service is vulnerable to key requests and thus almost meaningless.

    If they are use the built in iOS AES engine than it will be encrypted the same as iMessages. If they rolled their own, then who is to say that it's more secure? Prove it. AES is an excellent engine. Often the engines are OK, the key security and establishment of the encrypted handshake is what leaves the door open to vulnerabilities.
  19. macrumors 6502

    Dec 28, 2007
    Hmmm, talked with Apple huh.....

    Do I have a feeling Apple might end up buying this company and integrate it into iMessages?
  20. macrumors 6502

    Jun 20, 2013
    United States

  21. macrumors 6502


    Feb 11, 2011
    Ottawa, Canada
    Maybe. I think $2 is a small price to pay for something done right in this particular case. I had a really hard time finding an app that worked in both iOS and Android that wasn't cumbersome in iOS. There's probably new solutions, but they were beat to the punch - I have no reason to switch now.
  22. macrumors 6502a

    Mar 24, 2013
    South West England
    Why do people need encrypted messages? Seriously, what do you have to hide? The only people that would actually need to use private messaging is murderers and child abusers
  23. macrumors newbie

    Mar 6, 2014

    Thanks, Coreforce. I tried Threema due to your mention and it's excellent. ECC plus no man-in-the-middle is a good solution.

    BTW, my view is that EVERYTHING should be encrypted. Then it's hard for snoopers to know which are the important messages and which are about buying a load of bread.
  24. macrumors G3


    Aug 24, 2009
    Correct me if I'm wrong, but hasn't BBM been encrypted from the start?

Share This Page