Cryptocat Encrypted Chat App Arrives on iPhone, iPad
By Paul Wagenseil, Tom’s Guide
The encrypted chat app Cryptocat has made it to iPhone and iPad, adding itself to the growing list of privacy-conscious mobile messaging apps.
“Easily have group conversations with your friends without fearing monitoring or interception,” reads the app’s description in Apple’s iTunes Store. “Cryptocat is [a] free, open chat that aims to provide an open accessible Instant Messaging environment with a transparent layer of encryption that’s easy to use.”
Unlike other secure messaging apps — such as Wickr, TextSecure or Silent Text — Cryptocat doesn’t require fixed usernames or accounts. Instead, people can create a disposable username and then start a new conversation or join an existing one.
“There are no buddy lists or account activity or account history to link back to the user,” lead Cryptocat developer Nadim Kobeissi wrote on the Cryptocat blog. “This way, Cryptocat offers a unique ephemerality that makes setting up encrypted conversations immediate and without any lasting history that can be traced back to users.”
Cryptocat apps already exist for several web browsers, including Apple Safari, Google Chrome, Mozilla Firefox and Opera. There’s also a stand-alone client for Mac OS X. The iOS mobile app can interact with any other Cryptocat build.
Asked whether Cryptocat was planning an Android version as well, Kobeissi told Tom’s Guide, “Yes!”
Asked whether he planned to ever make money off Cryptocat, Kobeissi, a recent college graduate based in Montreal, said, “No!”
Cryptocat uses the Off-the-Record Messaging (OTR) protocol to encrypt its messages, but its developers warn that it’s not perfect, and it certainly isn’t safe from prying by the National Security Agency or other intelligence or police services.
“Cryptocat is not a magic bullet,” the Cryptocat Chrome app warns. “You should never trust any piece of software with your life. Cryptocat can’t protect you against untrustworthy people or key loggers, and does not anonymize your connection” as Tor would. (An anonymizing Tor plug-in for several chat applications is in the works.)
Jonathan Zdziarski, a Boston-based expert on extracting data from iOS devices, stressed the Cryptocat iOS app’s limitations in a review he posted on the iTunes Store page.