Talk:Cryptocat
This is the talk page for discussing improvements to the Cryptocat article. This is not a forum for general discussion of the article's subject. |
Article policies
|
Find sources: Google (books · news · scholar · free images · WP refs) · FENS · JSTOR · TWL |
This article is rated C-class on Wikipedia's content assessment scale. It is of interest to the following WikiProjects: | |||||||||||||||||||||||||||||||||||||
|
The following Wikipedia contributor has declared a personal or professional connection to the subject of this article. Relevant policies and guidelines may include conflict of interest, autobiography, and neutral point of view.
|
File:Cryptocat Screenshot.jpeg Nominated for speedy Deletion
[edit]An image used in this article, File:Cryptocat Screenshot.jpeg, has been nominated for speedy deletion at Wikimedia Commons for the following reason: Copyright violations
Don't panic; deletions can take a little longer at Commons than they do on Wikipedia. This gives you an opportunity to contest the deletion (although please review Commons guidelines before doing so). The best way to contest this form of deletion is by posting on the image talk page.
This notification is provided by a Bot --CommonsNotificationBot (talk) 17:35, 24 December 2011 (UTC) |
Dubious
[edit]I think the claim that the PRNG in cryptocat doesn't show any bias is dubious. The source referred to in the article is from the project website, so there's also a potential WP:COI here or at the very least WP:PRIMARY. Since this is a recurring problem in the article, i am also restoring the marker 'primary sources' which was removed without sufficient clearing up of primary sources (only a few external links were added without removing primary sources).
As for the PRNG, there are plenty of documented ways to properly test a PRNG (which is in this case, a CPRNG, which requires even more severe testing). See CPRNG#Requirements, NIST's test suite, PRNG#BSI_evaluation_criteria or Diehard_tests. Another example of proper entropy testing is this review of different TCP sequence numbers generators. For the "Dubious" claim to be removed, I consider the PRNG would need to be tested by a third party using one of the above methods. -- TheAnarcat (talk) 16:48, 29 July 2012 (UTC)
DecryptoCat
[edit]http://tobtu.com/decryptocat.php
- The article currently states that "In June 2013, a tool called Decryptocat was announced" ... and then states that "The security problems highlighted in DecryptoCat have been resolved as of April 2013.". Either time travel is involved, or the two months are reversed, or ??? Twang (talk) 04:28, 15 July 2013 (UTC)
- He pointed out the bugfix months after it happened. ♥GlamRock♥ 15:06, 10 September 2013 (UTC)
What happened to the In-The-Browser version of Cryptocat?
[edit]It seems that Cryptocat today only functions as a browser plugin. There was a version that simply ran within a vanilla browser. What happened to that, and why the change? I can't find any discussion anywhere, not even a change log. ~ Agvulpine (talk) 13:12, 1 December 2013 (UTC)
Recent contributions by User:1Secretlove1
[edit]The cryptocat has been under recent attack from people trying to gather information for stealing identities, using the name of "victor", "victor castillo", "viktor", etc, and similar names, none of them proving to be the real "VictorDCastillo" [1] there is flaw in the system that allows identity theft by phi-sing links, and revealing personal information, one of the thefts has been identified by the nickname "anothername" . [2]
The text above was added to the article by User:1Secretlove1. See the following Wikipedia policies: Wikipedia:DUE#Undue_weight, Wikipedia:No original research and Wikipedia:Sources#Reliable_sources. --Nullnullthree (talk) 12:27, 14 April 2014 (UTC)
Other software "failed to work"?
[edit]Last paragraph in History: "In June 2013, Cryptocat was used by journalist Glenn Greenwald while in Hong Kong to meet NSA whistleblower Edward Snowden for the first time, after other encryption software failed to work."
What is meant here by "failed to work" and which other encryption software? Almost sounds like a general bashing ("bashing" might be the wrong expression) of other encryption software. More realistically Greenwald probably couldn't get the others to work since they probably weren't as user friendly. I might be nitpicking but that's a completely different thing than "failed to work". Does anyone have access to the book and can clarify? Thanks.
- Erik.Bjareholt (talk) 23:38, 3 November 2015 (UTC)
Claims made in the encryption section
[edit]Regarding the following statement that was added to the article:
- "Cryptocat messages obtain confidentiality, integrity, source authenticity, forward and future secrecy and indistinguishability even over a network controlled by an active attacker. In the event of a long-term identity key compromise, an attacker will be able to impersonate the victim's device identity in the future but cannot decrypt past messages."
I think we should refrain from making such claims unless they can be sourced with a technical review/audit of Cryptocat that has been made by a reliable third-party source after Cryptocat's re-release. Specifically one that has looked at Cryptocat's implementation of the protocol(s) that it uses. In the meantime, my suggestion is to use the following form:
- "Cryptocat's goal is for its messages to obtain confidentiality, integrity, source authenticity, forward and future secrecy and indistinguishability even over a network controlled by an active attacker."
The suggestion above does not need a technical review/audit as a source, but does need a source (preferably one that can be classified as a secondary source). I would remove the second sentence because it's just a description of forward secrecy, and can be replaced by an internal link to that article in the first sentence (or earlier). --Dodi 8238 (talk) 16:25, 21 April 2016 (UTC) [edited 16:27, 21 April 2016 (UTC)]
Crypto cat no longer in beta, please update
[edit]I don't know what to call the version
"Out of Beta! Cryptocat is no longer beta software. Bugs will certainly still occur in the upcoming history of the project, but we are reasonably confident in the reliability of the current client. Thanks to everyone who contributed to our more than 150 reports with bugs, feedback and enhancements!" - https://crypto.cat/news.html — Preceding unsigned comment added by Mermaidthrone (talk • contribs) 07:47, 23 July 2016 (UTC)
External links modified
[edit]Hello fellow Wikipedians,
I have just modified 3 external links on Cryptocat. Please take a moment to review my edit. If you have any questions, or need the bot to ignore the links, or the page altogether, please visit this simple FaQ for additional information. I made the following changes:
- Added archive https://web.archive.org/web/20141015215301/https://blog.crypto.cat/2014/04/recent-audits-and-coming-improvements/ to https://blog.crypto.cat/2014/04/recent-audits-and-coming-improvements/
- Added archive https://web.archive.org/web/20141111151356/https://blog.crypto.cat/2014/05/cryptocat-now-with-encrypted-facebook-chat/ to https://blog.crypto.cat/2014/05/cryptocat-now-with-encrypted-facebook-chat/
- Corrected formatting/usage for http://www.montrealgazette.com/technology/Free%2Bencryption%2Bsoftware%2BCryptocat%2Bprotects%2Bright%2Bprivacy%2Binventor/6166181/story.html
When you have finished reviewing my changes, you may follow the instructions on the template below to fix any issues with the URLs.
This message was posted before February 2018. After February 2018, "External links modified" talk page sections are no longer generated or monitored by InternetArchiveBot. No special action is required regarding these talk page notices, other than regular verification using the archive tool instructions below. Editors have permission to delete these "External links modified" talk page sections if they want to de-clutter talk pages, but see the RfC before doing mass systematic removals. This message is updated dynamically through the template {{source check}}
(last update: 5 June 2024).
- If you have discovered URLs which were erroneously considered dead by the bot, you can report them with this tool.
- If you found an error with any archives or the URLs themselves, you can fix them with this tool.
Cheers.—InternetArchiveBot (Report bug) 02:31, 15 August 2017 (UTC)
Site no longer available
[edit]Site (crypto.cat) is no longer functional: domain is for sale, on the site stub is a link to wire dot com as a secure messenger. I suppose links on the page should be removed as well? Boyandin (talk) 10:27, 9 September 2019 (UTC)
status = defunct
[edit]A reader should know whether the software is still available or not, but the parameter "status" in the infobox is unknown for the parser. Who made this "improvement", and why was it accepted? 85.193.252.19 (talk) 21:53, 21 October 2021 (UTC)
- C-Class software articles
- Mid-importance software articles
- C-Class software articles of Mid-importance
- C-Class Computing articles
- Unknown-importance Computing articles
- All Computing articles
- All Software articles
- C-Class Internet articles
- Mid-importance Internet articles
- WikiProject Internet articles
- C-Class Cryptography articles
- Mid-importance Cryptography articles
- C-Class Computer science articles
- Mid-importance Computer science articles
- WikiProject Computer science articles
- WikiProject Cryptography articles
- Articles edited by connected contributors