Crypton – Secure Anonymous SMS in the Cloud

holmb · on March 3, 2020

I noticed that their canary [0] has not been updated and it should have been updated at the latest on 21st of February.

threatofrain · on March 3, 2020

Interesting and concerning find. I think it would be useful to have a 3rd-party service that reliably alerts when canary conditions aren't fulfilled, along with a diff history.

dijksterhuis · on March 3, 2020

canarywatch.org existed until Q3 2019 [0]

> The coalition of organizations which created Canary Watch explained their decision to discontinue the project by stating that it has achieved its goals to raise awareness about "illegal and unconstitutional national security process, including National Security Letters and other secret court processes." The Electronic Frontier Foundation also noted that "the fact that canaries are non-standard makes it difficult to automatically monitor them for changes or takedowns."

[0]: https://en.wikipedia.org/wiki/Warrant_canary

rmrfstar · on March 4, 2020

The canary has been updated, but for some reason they rolled from SHA512 back to SHA1. Does not inspire confidence in their crypto-nerdery. Also, their logo is a bee. Bees make honey. Just saying.

Operators of these services tend to fall into 3 camps: the cipherpunks, the crypto AG's, and the one coin's.

I keep a strong prior on option 3, which means I need to be convinced a service is actually less hostile than whatever FAANG has on offer.

_3fw2 · on March 3, 2020

Pricing in the list can be implemented with a static dictionary in Javascript being served with the HTML on page load. It's not optimal at all ( as well as it returns 429 at the moment, for me ) to call an API to just get back a single price per country.

Another option you may think is a global refresh button which reloads this dictionary. But the lookup should be immediate.

Aside of this, great service. Well done :)

robtherobber · on March 3, 2020

This sounds like an interesting service, but I'm not sure I understand why is it so expensive. 8 EUR per month to send/receive texts sounds a bit much in my opinion. A more apropriate price for this would have been, I speculate, some 3 EUR.

But maybe I'm missing something essential here?

flotzam · on March 3, 2020

Their closest competitor seems to be https://smsprivacy.org who are similarly anonymity friendly (supporting Tor and cryptocurrency, and not requiring personal data for signup) and don't filter incoming registration messages. Price: 0.0015 BTC per day(!), which is ~$400 per month at the moment. And they don't support outgoing messages.

So Crypton.sh looks like an excellent deal. Wish they didn't require an e-mail address.