
Cryptocat, Now on iPhone - e1ven
https://blog.crypto.cat/2014/03/cryptocat-now-on-iphone/
======
pinko
Help me understand why I should rely on the privacy of this app, if the OS on
which it's running is untrusted. Wouldn't it be trivial for Apple (or iOS
malware) to record keystrokes?

~~~
georgemcbay
Short of a serious undisclosed bug in iOS, malware should not be able to
record keystrokes from other apps.

But you are right in that if you don't trust the OS manufacturer not to be
snooping on you, you can't trust the app. In addition to logging keystrokes
they could be logging the contents of UI text controls as they are set. Even
if you implement your own custom keyboard and UI controls and your own
encryption prior to sending anything over a socket they could still be
snapshotting the phone's framebuffer regularly. There's no way to reliably
hide data that you can see visually (or data that has to be unencrypted in
memory at some point, even if you don't see it) from the lowest levels of the
OS.

Having said all of that, they probably aren't doing any of this, but they
could.

~~~
britta
From a week ago, a proof of concept of this kind of bug, "Background
Monitoring on Non-Jailbroken iOS 7 Devices":
[http://www.fireeye.com/blog/technical/2014/02/background-
mon...](http://www.fireeye.com/blog/technical/2014/02/background-monitoring-
on-non-jailbroken-ios-7-devices-and-a-mitigation.html)

> iOS7 provides settings for "background app refresh". Disabling unnecessary
> app's background refreshing contributes to preventing the potential
> background monitoring. However, it can be bypassed. For example, an app can
> play music in the background without turning on its "background app refresh"
> switch. Thus a malicious app can disguise itself as a music app to conduct
> background monitoring.

~~~
zeckalpha
I doubt this would get into the App store, but that's not the point, is it?

~~~
saurik
Of course, the idea is that the app would actually do something useful, would
do that useful thing correctly, and only activate the malicious code for
targetted users (none of which would be Apple testers).

------
WellDressed
Downloaded it, but have no one to chat with.

I created a room called: hackernews

Its group fingerprint is: BBD398AA E131E1644 6EF77D4E A2CDC074 F497ED37

I'm not sure the group fingerprint is required. I've noticed if you logout and
login with the same room name, it generates a different fingerprint.

~~~
Gnewt
I joined, but the fingerprint is different... :/

~~~
ZoF
A unique fingerprint is issued to each individual.

------
Mizza
Alternately: [https://chatsecure.org](https://chatsecure.org)

------
lclarkmichalek
I can never remember, is this the one that tptacek likes, or is that the other
one?

~~~
MichaelGG
No, this is the one written by a guy that just wanted to make "secure chat"
accessible. And went on to have plenty of flaws. (And no, Telegram is another
one, where they came up with their own scheme and brushed off all criticism by
saying they had some math PhDs so that's that.) IIRC the web version does JS
crypto and tries to sell that as more secure.

Cryptocat and Telegram seem to be very popular though, proving again that
technical superiority isn't really a good indicator of product success.
(WhatsApp had terrible security too, at least for a while, but they never went
on about how secure they were.)

~~~
fossuser
I think that's unfair - both text secure and cryptocat are interested in
making secure chat more accessible.

Making security applications accessible is an important problem to try and
solve. Security is difficult and I think they were fairly up front with the
potential issues with what they were building.

They've also been doing it for a few years now, the code is open source,
they've had professional security audits - what more could they possibly be
doing?

~~~
MichaelGG
TextSecure is solid as far as I know. What I meant with my comment is that
Cryptocat/Telegram put marketing and accessibility over security. They rather
sell a veneer of security in a cute package instead of actual security, along
with the difficult problems it brings. Both products ignored (and actually
told off) expert advice, which is quite telling.

IIRC, TextSecure was created by crypto expert[s].

------
bullfight
Super simple interface, I like it. However it seems to be lacking an obvious
way to leave your current conversation and enter a new one.

------
mokitaco
Not very secure if anyone can just waltz into your chat room.

~~~
Mtinie
Are you publicly posting your chat room's (not simple to guess) name?

------
13throwaway
For everyone looking for a chatroom try "lobby".

------
Fasebook
Why does anyone still care about Cryptocat?

