Bad kitty! “Rookie mistake” in Cryptocat chat app makes cracking a snap

Posted by BernardSwiss on Jul 7, 2013 11:34 PM EDT
Ars Technica; By Dan Goodin
Mail this story
Print this story

The precise amount of time the vulnerability was active is in dispute, with Cryptocat developers putting it at seven months and a security researcher saying it was closer to 19 months. Both sides agree that the effect of the bug was that the keys used to encrypt and decrypt conversations among groups of users were easy for outsiders to calculate. As a result, activists, journalists, or others who relied on Cryptocat to protect their group chats from government or industry snoops got little more protection than is typically available in standard chat programs. Critics said it was hard to excuse such a rudimentary error in an open-source piece of software held out as a way to protect sensitive communications.

Full Story

» Read more about: Story Type: News Story, Security

« Return to the newswire homepage

This topic does not have any threads posted yet!

You cannot post until you login.