Reason.com - Free Minds and Free Markets
Reason logo Reason logo
  • Latest
  • Magazine
    • Current Issue
    • Archives
    • Subscribe
    • Crossword
  • Video
  • Podcasts
    • All Shows
    • The Reason Roundtable
    • The Reason Interview With Nick Gillespie
    • The Soho Forum Debates
    • Just Asking Questions
    • The Best of Reason Magazine
    • Why We Can't Have Nice Things
  • Volokh
  • Newsletters
  • Donate
    • Donate Online
    • Donate Crypto
    • Ways To Give To Reason Foundation
    • Torchbearer Society
    • Planned Giving
  • Subscribe
    • Reason Plus Subscription
    • Print Subscription
    • Gift Subscriptions

Login Form

Create new account
Forgot password

Civil Liberties

Privacy-Oriented Cryptocat Unveils Smartphone App

Alyssa Hertig | 3.4.2014 6:45 PM

Share on FacebookShare on XShare on RedditShare by emailPrint friendly versionCopy page URL
Media Contact & Reprint Requests
Adrian Ilie \ Wikimedia

Cryptocat, a web application for private chatting, now functions on smartphones. In a demo at RightsCon, a gathering in Silicon Valley that focuses on technology and combating human rights challenges, Cryptocat unveiled its chat-based cryptographically-based private mobile app, a tool they've been cooking up this past year.

Cryptocat's mission, according to its blog, is "Making encrypted chat easy, fun, and accessible for everyone." While not as simple as using Facebook or GChat, it's easier to use than other encrypted instant messaging services. It's available for free from the Apple app store.

Users of Mozilla, Chrome, Safari, Opera, and Mac OS X – and now iOS, can use the app. It utilizes Off-the-Record Messaging (OTR), a cryptographic protocol for secure instant messaging, and perfect forward secrecy, a system that constantly generates new user keys so snoops cannot decrypt older messages. Security measures extend beyond the cryptographic protocols. According to The Verge, the servers are stored "in a Swedish nuclear bunker to protect them from government intrusion."

It took Cryptocat a year to transit to a mobile app. One might think securing information would be a cinch, but secure communications require complex cryptography. Developers have been struggling to make secure communications, of all sorts, more user-friendly. Cryptocat has been a main player in this movement.

Private communications have come a very long way since cypherpunks organized an esoteric email group focused on discussing the technical aspects of encrypted communications in the 90's. Not to mention, Cryptocat has come a long way since repairing a "rookie" cryptographic mistake made last year.

Privacy developments have been fueled by a newish hunger. In an interview with Ars Technica last December, Cryptocat developer Nadim Kobeissi said:

'Two years ago not a lot of people cared,' he comments. But times have changed. 'Now a lot of people care.'

Innovative developers are feeding this hunger with an array of technologies. The app comes hot on the heels of the Blackphone, which launched pre-orders for its cryptographically-secured phone last week. Jeeves, a programming language in the making, accommodates built-in privacy protocols. A MIT researcher even proposes encrypting genetic information.

The hope is that privacy-centric technology would give consumers more secure options to choose from. Someday they could make bypassing National Security Agency intrusion easy and difficult-to-enact legislative reform unnecessary.

Start your day with Reason. Get a daily brief of the most important stories and trends every weekday morning when you subscribe to Reason Roundup.

This field is for validation purposes and should be left unchanged.

NEXT: First Study of LSD's Psychotherapeutic Benefits in Four Decades Breaks Research Taboo

Alyssa Hertig
Civil LibertiesScience & TechnologyFourth AmendmentCellphonesPrivacyEncryption
Share on FacebookShare on XShare on RedditShare by emailPrint friendly versionCopy page URL
Media Contact & Reprint Requests

Hide Comments (20)

Editor's Note: As of February 29, 2024, commenting privileges on reason.com posts are limited to Reason Plus subscribers. Past commenters are grandfathered in for a temporary period. Subscribe here to preserve your ability to comment. Your Reason Plus subscription also gives you an ad-free version of reason.com, along with full access to the digital edition and archives of Reason magazine. We request that comments be civil and on-topic. We do not moderate or assume any responsibility for comments, which are owned by the readers who post them. Comments do not represent the views of reason.com or Reason Foundation. We reserve the right to delete any comment and ban commenters for any reason at any time. Comments may only be edited within 5 minutes of posting. Report abuses.

  1. Cytotoxic   11 years ago

    I use TextSecure. Should I replace it with this? Get both?

    1. anon   11 years ago

      I vote we just all start using substitution ciphers to make the NSA study all of our meaningless banter here at H&R, which will eventually force them to ignore us entirely.

    2. Mr Whipple   11 years ago

      I use Pidgin with OTR and ChatSecure from The Guardian Project. They are the ones that made Orbot which is the Android version of Tor.

      Pidgin with OTR is easy. You can use it over just about any chat, including Facebook, as long as the other person has it too.

      https://guardianproject.info/apps/chatsecure/

  2. anon   11 years ago

    One might think securing information would be a cinch

    Anyone that really thinks this is a complete moron.

  3. bassjoe   11 years ago

    One might think securing information would be a cinch
    ---------
    Um, WHO thinks that exactly?

    1. Sevo   11 years ago

      "Um, WHO thinks that exactly?"
      The guy on the streetcorner in the sandwich board sign.

  4. anon   11 years ago

    The hope is that privacy-centric technology would give consumers more secure options to choose from. Someday they could make bypassing National Security Agency intrusion easy and difficult-to-enact legislative reform unnecessary.

    Not with the advent of quantum computing; security measures (including encryption) are only reactive. There's nothing that's "unhackable" anywhere.

    1. Cytotoxic   11 years ago

      Okay then we'd react. Quantum encryption would be even more unbreakable.

      1. anon   11 years ago

        True, but the attacker is always the one that's a step ahead; plus, you don't get to know you've been hacked until whatever you were storing of value was lost (or used against you).

        1. Cytotoxic   11 years ago

          You should look up 'MaidSafe'.

    2. Mr Whipple   11 years ago

      Don't give me that quantum computing shit. Even if they did have it, they would still have to crack every single message using brute force. Their best attack is still through an exploit like FinFisher.

      True, but the attacker is always the one that's a step ahead;

      How do you figure? If they were always one step ahead, encryption would be useless. Consider the last known attack, the one against Freedom Hosting, they were about 3 steps behind. It only worked on an older version of the Tor Browser, only with Javascript enabled, and only on Windows.

      Most, if not all, successful attacks are user errors. Encryption is like using a condom. When used properly, it is nearly 100%. When a condom fails, it is usually the fault of the person using it.

  5. RishJoMo   11 years ago

    Heck yeah dude thats what I am talking about! Roll with it.

    http://www.Anon-VPN.com

    1. Sigivald   11 years ago

      You know, I'm normally a rule-of-law kinda guy.

      But this endless fucking spamming might qualify as aggression, and this really makes me want to suggest an endless DDOS against "anon-vpn.com".

      It sure as hell doesn't make me want to be one of their customers, because this is the shoddiest possible business practice short of outright fraud.

  6. Paul.   11 years ago

    Ecryption can be relative easy-- by a developer using a standard black-box form of encryption inserted into his code.

    However, make the entire app secure is very tricky.

    1. Sigivald   11 years ago

      The "entire app" doesn't need to be secure (and can't be, at the level of "secure from cameras looking at the screen" or "secure from the OS kernel itself or a superuser").

      The relevantly sensitive part is the communication channel, not the running code. (Oh, sure, "don't save the decrypt to disk", but... if you need help with that one you have bigger problems as a developer.)

      An even more interesting question is not "is this app secure?" but "how can I TRUST that this app is secure, and that its private backend servers are trustworthy?".

      1. Paul.   11 years ago

        Roger that. But that's what I'm saying, an encryption neophyte can, with relative ease, encrypt his communication stream. I seem to remember you could insert the PGP code into any C++ program relatively quickly.

        but "how can I TRUST that this app is secure, and that its private backend servers are trustworthy?".

        In this day and age, it's going to have to be open source.

      2. Mr Whipple   11 years ago

        If you have root access, you can run every app through Tor (Orbot). You can even chroot a Linux OS on Android. There are, of course, some stability issues. You still need to access the Android drivers.

  7. Invisible Finger   11 years ago

    So I would have to get this from of Apple's App Store, which is probably being snooped by the NSA who will then target further snooping on anyone who downloads the app.

  8. Sophi   11 years ago

    After reading this blog realize the Cryptocat really a best web application for private chatting and I am so happy it freely available in all apple app stores. I hope it supports all browsers.

  9. david684   11 years ago

    Cryptocat is completely responsible to all privacy concern. Let them want to update proper privacy policy and user agreement.

    http://www.ndottech.com

Please log in to post comments

Mute this user?

  • Mute User
  • Cancel

Ban this user?

  • Ban User
  • Cancel

Un-ban this user?

  • Un-ban User
  • Cancel

Nuke this user?

  • Nuke User
  • Cancel

Un-nuke this user?

  • Un-nuke User
  • Cancel

Flag this comment?

  • Flag Comment
  • Cancel

Un-flag this comment?

  • Un-flag Comment
  • Cancel

Latest

The Government Threatened To Seize His Home Over Tall Grass

John Stossel | 4.2.2025 1:11 AM

The Logical Contradictions of Trump's Case for Tariffs

Jacob Sullum | 4.2.2025 12:01 AM

Cops Called on Dad for Playing Catch with 14-Year-Old Son at Park

Lenore Skenazy | 4.1.2025 5:20 PM

ICE Denies Reason Access to Immigration Court In Miami Detention Center

C.J. Ciaramella | 4.1.2025 3:24 PM

Deported for Innocent Tattoos?

Fiona Harrigan | 4.1.2025 2:00 PM

Recommended

  • About
  • Browse Topics
  • Events
  • Staff
  • Jobs
  • Donate
  • Advertise
  • Subscribe
  • Contact
  • Media
  • Shop
  • Amazon
Reason Facebook@reason on XReason InstagramReason TikTokReason YoutubeApple PodcastsReason on FlipboardReason RSS

© 2024 Reason Foundation | Accessibility | Privacy Policy | Terms Of Use

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

r

Do you care about free minds and free markets? Sign up to get the biggest stories from Reason in your inbox every afternoon.

This field is for validation purposes and should be left unchanged.

This modal will close in 10

Reason Plus

Special Offer!

  • Full digital edition access
  • No ads
  • Commenting privileges

Just $25 per year

Join Today!