![Cryptocat security](https://loka.nahovitsyn.com/166.jpg)
![cryptocat security cryptocat security](https://vpnreviewz.com/wp-content/uploads/Cryptocat-screenshot.png)
This means that in practice, CryptoCat is no more secure than Yahoo chat, and Hushmail is no more secure than Gmail. I’ll detail it below, but the short version is if you use one of these applications, your security depends entirely the security of the host. Unfortunately, these tools are subject to a well-known attack. The most famous tool in this group is Hushmail, an encrypted e-mail service that takes the same approach. Ryan Singel, the editor (not the writer) of the Wired piece, responded by defending the original article and attacking Soghoian.Īt this point, I would have considered writing a long essay explaining what’s wrong with the whole concept behind Cryptocat, and echoing my complaints about the dangers of uncritically accepting the security claims of people and companies that write security software, but Patrick Ball did a great job:ĬryptoCat is one of a whole class of applications that rely on what’s called “host-based security”. After Wired published a pretty fluffy profile on the program and its author, security researcher Chris Soghoian wrote an essay criticizing the unskeptical coverage. Cryptocat is a web-based encrypted chat application.
![Cryptocat security](https://loka.nahovitsyn.com/166.jpg)