Talk:Cryptocat

This is the talk page for discussing improvements to the Cryptocat article. This is not a forum for general discussion of the article's subject.

Put new text under old text. Click here to start a new topic. New to Wikipedia? Welcome! Learn to edit; get help. Assume good faith Be polite and avoid personal attacks Be welcoming to newcomers Seek dispute resolution if needed Article policies Neutral point of view No original research Verifiability

Find sources: Google (books · news · scholar · free images · WP refs) · FENS · JSTOR · TWL

This article is rated C-class on Wikipedia's content assessment scale. It is of interest to the following WikiProjects:

Software: Computing Mid‑importance This article is within the scope of WikiProject Software, a collaborative effort to improve the coverage of software on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks. Mid This article has been rated as Mid-importance on the project's importance scale. This article is supported by WikiProject Computing. Internet Mid‑importance Internet portal This article is within the scope of WikiProject Internet, a collaborative effort to improve the coverage of the Internet on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks. Mid This article has been rated as Mid-importance on the project's importance scale. Cryptography: Computer science Mid‑importance This article is within the scope of WikiProject Cryptography, a collaborative effort to improve the coverage of Cryptography on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks. Mid This article has been rated as Mid-importance on the importance scale. This article is supported by WikiProject Computer science (assessed as Mid-importance).

The following Wikipedia contributor has declared a personal or professional connection to the subject of this article. Relevant policies and guidelines may include conflict of interest, autobiography, and neutral point of view. Kaepora~enwiki (talk · contribs) This user has contributed to the article. This user has declared a connection.

File:Cryptocat Screenshot.jpeg Nominated for speedy Deletion

Latest comment: 12 years ago1 comment1 person in discussion

An image used in this article, File:Cryptocat Screenshot.jpeg, has been nominated for speedy deletion at Wikimedia Commons for the following reason: Copyright violations What should I do? Don't panic; deletions can take a little longer at Commons than they do on Wikipedia. This gives you an opportunity to contest the deletion (although please review Commons guidelines before doing so). The best way to contest this form of deletion is by posting on the image talk page. If the image is non-free then you may need to upload it to Wikipedia (Commons does not allow fair use) If the image isn't freely licensed and there is no fair use rationale then it cannot be uploaded or used. If the image has already been deleted you may want to try Commons Undeletion Request This notification is provided by a Bot --CommonsNotificationBot (talk) 17:35, 24 December 2011 (UTC)Reply

Dubious

Latest comment: 11 years ago1 comment1 person in discussion

I think the claim that the PRNG in cryptocat doesn't show any bias is dubious. The source referred to in the article is from the project website, so there's also a potential WP:COI here or at the very least WP:PRIMARY. Since this is a recurring problem in the article, i am also restoring the marker 'primary sources' which was removed without sufficient clearing up of primary sources (only a few external links were added without removing primary sources).

As for the PRNG, there are plenty of documented ways to properly test a PRNG (which is in this case, a CPRNG, which requires even more severe testing). See CPRNG#Requirements, NIST's test suite, PRNG#BSI_evaluation_criteria or Diehard_tests. Another example of proper entropy testing is this review of different TCP sequence numbers generators. For the "Dubious" claim to be removed, I consider the PRNG would need to be tested by a third party using one of the above methods. -- TheAnarcat (talk) 16:48, 29 July 2012 (UTC)Reply

DecryptoCat

Latest comment: 10 years ago2 comments2 people in discussion

http://tobtu.com/decryptocat.php

The article currently states that "In June 2013, a tool called Decryptocat was announced" ... and then states that "The security problems highlighted in DecryptoCat have been resolved as of April 2013.". Either time travel is involved, or the two months are reversed, or ??? Twang (talk) 04:28, 15 July 2013 (UTC)Reply

He pointed out the bugfix months after it happened. ♥GlamRock♥ 15:06, 10 September 2013 (UTC)Reply

What happened to the In-The-Browser version of Cryptocat?

Latest comment: 10 years ago1 comment1 person in discussion

It seems that Cryptocat today only functions as a browser plugin. There was a version that simply ran within a vanilla browser. What happened to that, and why the change? I can't find any discussion anywhere, not even a change log. ~ Agvulpine (talk) 13:12, 1 December 2013 (UTC)Reply

Recent contributions by User:1Secretlove1

Latest comment: 10 years ago1 comment1 person in discussion

The cryptocat has been under recent attack from people trying to gather information for stealing identities, using the name of "victor", "victor castillo", "viktor", etc, and similar names, none of them proving to be the real "VictorDCastillo" [1] there is flaw in the system that allows identity theft by phi-sing links, and revealing personal information, one of the thefts has been identified by the nickname "anothername" . [2]

The text above was added to the article by User:1Secretlove1. See the following Wikipedia policies: Wikipedia:DUE#Undue_weight, Wikipedia:No original research and Wikipedia:Sources#Reliable_sources. --Nullnullthree (talk) 12:27, 14 April 2014 (UTC)Reply

Other software "failed to work"?

Latest comment: 8 years ago1 comment1 person in discussion

Last paragraph in History: "In June 2013, Cryptocat was used by journalist Glenn Greenwald while in Hong Kong to meet NSA whistleblower Edward Snowden for the first time, after other encryption software failed to work."

What is meant here by "failed to work" and which other encryption software? Almost sounds like a general bashing ("bashing" might be the wrong expression) of other encryption software. More realistically Greenwald probably couldn't get the others to work since they probably weren't as user friendly. I might be nitpicking but that's a completely different thing than "failed to work". Does anyone have access to the book and can clarify? Thanks.

- Erik.Bjareholt (talk) 23:38, 3 November 2015 (UTC)Reply

Claims made in the encryption section

Latest comment: 8 years ago1 comment1 person in discussion

Regarding the following statement that was added to the article:

"Cryptocat messages obtain confidentiality, integrity, source authenticity, forward and future secrecy and indistinguishability even over a network controlled by an active attacker. In the event of a long-term identity key compromise, an attacker will be able to impersonate the victim's device identity in the future but cannot decrypt past messages."

I think we should refrain from making such claims unless they can be sourced with a technical review/audit of Cryptocat that has been made by a reliable third-party source after Cryptocat's re-release. Specifically one that has looked at Cryptocat's implementation of the protocol(s) that it uses. In the meantime, my suggestion is to use the following form:

"Cryptocat's goal is for its messages to obtain confidentiality, integrity, source authenticity, forward and future secrecy and indistinguishability even over a network controlled by an active attacker."

The suggestion above does not need a technical review/audit as a source, but does need a source (preferably one that can be classified as a secondary source). I would remove the second sentence because it's just a description of forward secrecy, and can be replaced by an internal link to that article in the first sentence (or earlier). --Dodi 8238 (talk) 16:25, 21 April 2016 (UTC) [edited 16:27, 21 April 2016 (UTC)]Reply

Crypto cat no longer in beta, please update

Latest comment: 7 years ago1 comment1 person in discussion

I don't know what to call the version

"Out of Beta! Cryptocat is no longer beta software. Bugs will certainly still occur in the upcoming history of the project, but we are reasonably confident in the reliability of the current client. Thanks to everyone who contributed to our more than 150 reports with bugs, feedback and enhancements!" - https://crypto.cat/news.html — Preceding unsigned comment added by Mermaidthrone (talk • contribs) 07:47, 23 July 2016 (UTC)Reply

External links modified

Latest comment: 6 years ago1 comment1 person in discussion

Hello fellow Wikipedians,

I have just modified 3 external links on Cryptocat. Please take a moment to review my edit. If you have any questions, or need the bot to ignore the links, or the page altogether, please visit this simple FaQ for additional information. I made the following changes:

• Added archive https://web.archive.org/web/20141015215301/https://blog.crypto.cat/2014/04/recent-audits-and-coming-improvements/ to https://blog.crypto.cat/2014/04/recent-audits-and-coming-improvements/
• Added archive https://web.archive.org/web/20141111151356/https://blog.crypto.cat/2014/05/cryptocat-now-with-encrypted-facebook-chat/ to https://blog.crypto.cat/2014/05/cryptocat-now-with-encrypted-facebook-chat/
• Corrected formatting/usage for http://www.montrealgazette.com/technology/Free%2Bencryption%2Bsoftware%2BCryptocat%2Bprotects%2Bright%2Bprivacy%2Binventor/6166181/story.html

When you have finished reviewing my changes, you may follow the instructions on the template below to fix any issues with the URLs.

This message was posted before February 2018. After February 2018, "External links modified" talk page sections are no longer generated or monitored by InternetArchiveBot. No special action is required regarding these talk page notices, other than regular verification using the archive tool instructions below. Editors have permission to delete these "External links modified" talk page sections if they want to de-clutter talk pages, but see the RfC before doing mass systematic removals. This message is updated dynamically through the template {{source check}} (last update: 18 January 2022).

• If you have discovered URLs which were erroneously considered dead by the bot, you can report them with this tool.
• If you found an error with any archives or the URLs themselves, you can fix them with this tool.

Cheers.—InternetArchiveBot (Report bug) 02:31, 15 August 2017 (UTC)Reply

Site no longer available

Latest comment: 4 years ago1 comment1 person in discussion

Site (crypto.cat) is no longer functional: domain is for sale, on the site stub is a link to wire dot com as a secure messenger. I suppose links on the page should be removed as well? Boyandin (talk) 10:27, 9 September 2019 (UTC)Reply

status = defunct

Latest comment: 2 years ago1 comment1 person in discussion

A reader should know whether the software is still available or not, but the parameter "status" in the infobox is unknown for the parser. Who made this "improvement", and why was it accepted? 85.193.252.19 (talk) 21:53, 21 October 2021 (UTC)Reply