Encrypted Chat App 'Cryptocat' Launches on iOS

Discussion in 'iOS Blog Discussion' started by MacRumors, Mar 4, 2014.

  1. macrumors bot

    MacRumors

    Joined:
    Apr 12, 2001
    #1
    [​IMG]


    Open source web and Mac application Cryptocat is now available on iOS. Designed to allow secure online chatting, the app encrypts chat messages to allow users to have single and group conversations that are secure and unable to be intercepted or monitored.

    [​IMG]
    Unlike other secure chat apps, including Confide, Cryptocat does not require usernames, email addresses, or accounts to use, with users entering a one-time nickname to chat. There are also no buddy lists or account history, making conversations ephemeral.

    According to the developers, Cryptocat is a native iPhone application that uses iOS APIs rather than web cryptography, but it is designed to work seamlessly with other Cryptocat clients. Along with an iOS app, Cryptocat is also available for the Mac and as a browser extension for Chrome, Firefox, and Safari.

    Cryptocat was originally announced for iOS in December, but the app was initially rejected by Apple, a decision that has since been reversed. According to the app's developer, who spoke to The Verge, the issues with Apple have been resolved.
    Cryptocat can be downloaded from the App Store for free. [Direct Link]

    Article Link: Encrypted Chat App 'Cryptocat' Launches on iOS
     
  2. Guest

    Sky Blue

    Joined:
    Jan 8, 2005
  3. macrumors 65816

    luckydcxx

    Joined:
    Jun 13, 2013
  4. macrumors 6502a

    Frosties

    Joined:
    Jun 12, 2009
    Location:
    Sweden
    #4
    iMessage is vulnerable to man in the middle. Just google iMessage and nsa.
     
  5. macrumors 68040

    Goldfrapp

    Joined:
    Jul 31, 2005
  6. macrumors 68040

    Joined:
    Feb 2, 2008
    #6
    BS, just google anything and you'll find support for it.
     
  7. macrumors 6502a

    Frosties

    Joined:
    Jun 12, 2009
    Location:
    Sweden
    #7
    iMessage is not true end to end encryption, and this is not a "someone said" it's a big world wide news story taken up by the biggest computer news networks.
     
  8. macrumors 68040

    Joined:
    Feb 2, 2008
    #8
  9. macrumors 68040

    KdParker

    Joined:
    Oct 1, 2010
    #9
    I was wondering that too....
     
  10. macrumors 68000

    BillyBobBongo

    Joined:
    Jun 21, 2007
    Location:
    On The Interweb Thingy!
    #10
    Your discussion with 'The Wife' about what's for dinner isn't of national importance. Just use iMessage. :cool:
     
  11. macrumors regular

    Joined:
    Aug 28, 2003
    Location:
    Zurich, Switzerland
    #11
    They don't offer a public encryption validation service like Threema does, do they?
     
  12. macrumors 6502a

    skinned66

    Joined:
    Feb 11, 2011
    Location:
    Ottawa, Canada
    #12
    Threema is by far my fav to date.
     
  13. macrumors 68000

    Cuban Missles

    Joined:
    Dec 6, 2012
    Location:
    My heart is in Camagüey, the rest in the USA
    #13
    I'm content with iMessage. Don't see the need for another app. I understand that if you are talking to someone not an iPhone you may want an app that is more secure than SMS, but I just try not to message anyone that fails to have an iPhone. :D
     
  14. macrumors P6

    Joined:
    Oct 17, 2011
    #14
    And probably the most expensive.
     
  15. macrumors 6502a

    Joined:
    Sep 24, 2013
  16. macrumors 6502a

    albusseverus

    Joined:
    Nov 28, 2007
    #16
    I'm sure iMessage uses "NSA approved" encryption, anyway. I'd like to think differently, but I'm yet to see the case for ANY encryption that wasn't "approved" by NSA and therefore vulnerable.

    iMessage would be enough for me if there was functioning encryption.

    So what does Cryptocat offer iOS & Mac owners? The ability to chat securely to non-iOS and Mac owners? Some appeal, I guess.

    How do we know Cryptocat encryption is good. Anybody read the terms of service?

    What servers are they using, and how vulnerable are they? Chat servers are not a cheap thing to set up. Cheaper than video servers, but still a substantial exercise and I'm yet to see a revenue model.

    Just as snapchat was found to be keeping everything, have we done our due diligence on this? And can their funding be traced back to the State Department?

    Just asking, Honeypot.
     
  17. macrumors regular

    Joined:
    Jan 7, 2003
    Location:
    Sydney, Australia
    #17
    I can see how the extremely paranoid, or those on the shadier side of the law, would go for this. Anything by a big corporation is already suspect in their eyes, even a service like BBM.
    To be fair, the NSA and various other 3-letter agencies are doing their best to thwart privacy and secrecy "in the national interest", forcing US companies like Skype/Microsoft to put in backdoors. And being a non-US citizen, even the supposed safeguards against spying on US citizens which they obviously haven't been adhering to, is not an issue for them. They believe in "big data", scouring up as much data as possible, regardless of how relevant at the time, "just in case".
    But for most of us, in the West at least, it is not a concern, esp as iMessage's end-to-end encryption is good enough, whether or not the NSA has a backdoor, which really comes down to whether you trust Apple's commitment to our privacy and assurances even they can't read them (whether or not it is "theoretically" possible as has been shown) and their strong assurance the government would have to cart away their servers to get at it. But on the whole, we mainly care about cyber criminals stealing our personal details, and to that end, iMessage is all we need or want AS LONG AS the recipient has an iPhone. Which is where all those myriad of other messenger apps come in.

    This one lives on the Paranoid end of the spectrum, which is fair enough. Esp for those not fortunate enough to live in a fairly free country where you live without fear of persecution for things like your religious or political beliefs, ethnicity or sexual orientation, either of which might get you life in a prison camp, or torture and death. In various countries like China, which probably wouldn't allow an app like this anyway, it is a genuine concern, there are good sound reasons to be paranoid if you are in a group they disapprove of, say from Tibet or member of Falun Gung or a Democracy group.
     
  18. macrumors 68030

    CylonGlitch

    Joined:
    Jul 7, 2009
    Location:
    SoCal
    #18
    How are they distributing keys? Are they using one shared key for all encryption? If so, it's useless, it wouldn't take long for someone to go through the app and get the key. Can't make a session by session key without some way to distribute the key; which can be monitored. Almost every Public Key service is vulnerable to key requests and thus almost meaningless.

    If they are use the built in iOS AES engine than it will be encrypted the same as iMessages. If they rolled their own, then who is to say that it's more secure? Prove it. AES is an excellent engine. Often the engines are OK, the key security and establishment of the encrypted handshake is what leaves the door open to vulnerabilities.
     
  19. macrumors 6502

    Joined:
    Dec 28, 2007
    #19
    Hmmm, talked with Apple huh.....


    Do I have a feeling Apple might end up buying this company and integrate it into iMessages?
     
  20. macrumors 6502

    Joined:
    Jun 20, 2013
    Location:
    United States
  21. macrumors 6502a

    skinned66

    Joined:
    Feb 11, 2011
    Location:
    Ottawa, Canada
    #21
    Maybe. I think $2 is a small price to pay for something done right in this particular case. I had a really hard time finding an app that worked in both iOS and Android that wasn't cumbersome in iOS. There's probably new solutions, but they were beat to the punch - I have no reason to switch now.
     
  22. macrumors 6502a

    Joined:
    Mar 24, 2013
    Location:
    South West England
    #22
    Why do people need encrypted messages? Seriously, what do you have to hide? The only people that would actually need to use private messaging is murderers and child abusers
     
  23. macrumors newbie

    Joined:
    Mar 6, 2014
    #23
    Threema

    Thanks, Coreforce. I tried Threema due to your mention and it's excellent. ECC plus no man-in-the-middle is a good solution.

    BTW, my view is that EVERYTHING should be encrypted. Then it's hard for snoopers to know which are the important messages and which are about buying a load of bread.
     
  24. macrumors G3

    roadbloc

    Joined:
    Aug 24, 2009
    Location:
    UK
    #24
    Correct me if I'm wrong, but hasn't BBM been encrypted from the start?
     

Share This Page