Talk:Cryptocat

Latest comment: 3 years ago by 85.193.252.19 in topic status = defunct

File:Cryptocat Screenshot.jpeg Nominated for speedy Deletion

edit
  An image used in this article, File:Cryptocat Screenshot.jpeg, has been nominated for speedy deletion at Wikimedia Commons for the following reason: Copyright violations
What should I do?

Don't panic; deletions can take a little longer at Commons than they do on Wikipedia. This gives you an opportunity to contest the deletion (although please review Commons guidelines before doing so). The best way to contest this form of deletion is by posting on the image talk page.

  • If the image is non-free then you may need to upload it to Wikipedia (Commons does not allow fair use)
  • If the image isn't freely licensed and there is no fair use rationale then it cannot be uploaded or used.
  • If the image has already been deleted you may want to try Commons Undeletion Request

This notification is provided by a Bot --CommonsNotificationBot (talk) 17:35, 24 December 2011 (UTC)Reply

Dubious

edit

I think the claim that the PRNG in cryptocat doesn't show any bias is dubious. The source referred to in the article is from the project website, so there's also a potential WP:COI here or at the very least WP:PRIMARY. Since this is a recurring problem in the article, i am also restoring the marker 'primary sources' which was removed without sufficient clearing up of primary sources (only a few external links were added without removing primary sources).

As for the PRNG, there are plenty of documented ways to properly test a PRNG (which is in this case, a CPRNG, which requires even more severe testing). See CPRNG#Requirements, NIST's test suite, PRNG#BSI_evaluation_criteria or Diehard_tests. Another example of proper entropy testing is this review of different TCP sequence numbers generators. For the "Dubious" claim to be removed, I consider the PRNG would need to be tested by a third party using one of the above methods. -- TheAnarcat (talk) 16:48, 29 July 2012 (UTC)Reply

DecryptoCat

edit

http://tobtu.com/decryptocat.php

The article currently states that "In June 2013, a tool called Decryptocat was announced" ... and then states that "The security problems highlighted in DecryptoCat have been resolved as of April 2013.". Either time travel is involved, or the two months are reversed, or ??? Twang (talk) 04:28, 15 July 2013 (UTC)Reply
He pointed out the bugfix months after it happened. ♥GlamRock15:06, 10 September 2013 (UTC)Reply

What happened to the In-The-Browser version of Cryptocat?

edit

It seems that Cryptocat today only functions as a browser plugin. There was a version that simply ran within a vanilla browser. What happened to that, and why the change? I can't find any discussion anywhere, not even a change log. ~ Agvulpine (talk) 13:12, 1 December 2013 (UTC)Reply

Recent contributions by User:1Secretlove1

edit

The cryptocat has been under recent attack from people trying to gather information for stealing identities, using the name of "victor", "victor castillo", "viktor", etc, and similar names, none of them proving to be the real "VictorDCastillo" [1] there is flaw in the system that allows identity theft by phi-sing links, and revealing personal information, one of the thefts has been identified by the nickname "anothername" . [2]

The text above was added to the article by User:1Secretlove1. See the following Wikipedia policies: Wikipedia:DUE#Undue_weight, Wikipedia:No original research and Wikipedia:Sources#Reliable_sources. --Nullnullthree (talk) 12:27, 14 April 2014 (UTC)Reply

Other software "failed to work"?

edit

Last paragraph in History: "In June 2013, Cryptocat was used by journalist Glenn Greenwald while in Hong Kong to meet NSA whistleblower Edward Snowden for the first time, after other encryption software failed to work."

What is meant here by "failed to work" and which other encryption software? Almost sounds like a general bashing ("bashing" might be the wrong expression) of other encryption software. More realistically Greenwald probably couldn't get the others to work since they probably weren't as user friendly. I might be nitpicking but that's a completely different thing than "failed to work". Does anyone have access to the book and can clarify? Thanks.

- Erik.Bjareholt (talk) 23:38, 3 November 2015 (UTC)Reply

Claims made in the encryption section

edit

Regarding the following statement that was added to the article:

"Cryptocat messages obtain confidentiality, integrity, source authenticity, forward and future secrecy and indistinguishability even over a network controlled by an active attacker. In the event of a long-term identity key compromise, an attacker will be able to impersonate the victim's device identity in the future but cannot decrypt past messages."

I think we should refrain from making such claims unless they can be sourced with a technical review/audit of Cryptocat that has been made by a reliable third-party source after Cryptocat's re-release. Specifically one that has looked at Cryptocat's implementation of the protocol(s) that it uses. In the meantime, my suggestion is to use the following form:

"Cryptocat's goal is for its messages to obtain confidentiality, integrity, source authenticity, forward and future secrecy and indistinguishability even over a network controlled by an active attacker."

The suggestion above does not need a technical review/audit as a source, but does need a source (preferably one that can be classified as a secondary source). I would remove the second sentence because it's just a description of forward secrecy, and can be replaced by an internal link to that article in the first sentence (or earlier). --Dodi 8238 (talk) 16:25, 21 April 2016 (UTC) [edited 16:27, 21 April 2016 (UTC)]Reply

Crypto cat no longer in beta, please update

edit

I don't know what to call the version

"Out of Beta! Cryptocat is no longer beta software. Bugs will certainly still occur in the upcoming history of the project, but we are reasonably confident in the reliability of the current client. Thanks to everyone who contributed to our more than 150 reports with bugs, feedback and enhancements!" - https://crypto.cat/news.html — Preceding unsigned comment added by Mermaidthrone (talkcontribs) 07:47, 23 July 2016 (UTC)Reply

edit

Hello fellow Wikipedians,

I have just modified 3 external links on Cryptocat. Please take a moment to review my edit. If you have any questions, or need the bot to ignore the links, or the page altogether, please visit this simple FaQ for additional information. I made the following changes:

When you have finished reviewing my changes, you may follow the instructions on the template below to fix any issues with the URLs.

This message was posted before February 2018. After February 2018, "External links modified" talk page sections are no longer generated or monitored by InternetArchiveBot. No special action is required regarding these talk page notices, other than regular verification using the archive tool instructions below. Editors have permission to delete these "External links modified" talk page sections if they want to de-clutter talk pages, but see the RfC before doing mass systematic removals. This message is updated dynamically through the template {{source check}} (last update: 5 June 2024).

  • If you have discovered URLs which were erroneously considered dead by the bot, you can report them with this tool.
  • If you found an error with any archives or the URLs themselves, you can fix them with this tool.

Cheers.—InternetArchiveBot (Report bug) 02:31, 15 August 2017 (UTC)Reply

Site no longer available

edit

Site (crypto.cat) is no longer functional: domain is for sale, on the site stub is a link to wire dot com as a secure messenger. I suppose links on the page should be removed as well? Boyandin (talk) 10:27, 9 September 2019 (UTC)Reply

status = defunct

edit

A reader should know whether the software is still available or not, but the parameter "status" in the infobox is unknown for the parser. Who made this "improvement", and why was it accepted? 85.193.252.19 (talk) 21:53, 21 October 2021 (UTC)Reply