With the 2 prominent features:
- Encrypted Chat: your chat will be encrypted with a password, so it will be unlocked only when you type in the correct password.
- Ephemeral Chat: your messages will self-destruct after a few minutes.
99% of people don't know that they don't know enough to know this is providing a false sense of security. People running illegal underground charities in West Whereisitstan are almost certainly not crypto experts, and are all probably fairly naive in the way one has to be naive in order to do charity work in West Whereisitstan. "Caveat emptor" doesn't cut it.

Single DES is absurd in this day and age, and password-based encryption is worse. Jack the Ripper renders this no stronger than a secret decoder ring, and a thousand times more dangerous because of the false sense of security.

Edit: I'm probably overly sensitive. One of my ex-girlfriends has several uncles, three of whom went to prison for not belonging to the state religion. Thankfully they didn't live in one of the countries where such things are currently capital offenses, and were able to immigrate to more tolerant countries.

Perfect forward secrecy needs to be the default, perhaps with an option to switch to a stored history mode. Use 256-bit AES in GCM mode.

For the stored mode, don't use password-based encryption, but rather generate a GnuPG key pair on each device the first time the client is used. 4096-bit RSA/El Gamal or 256-bit ECC should be the minimum key sizes. The first time a new device is added to an account, upload its public key and tell the user they need to "authorize" this device from one of their existing devices in order to see past conversations. When they log in from another device, ask them if they've really added the new device, and if they respond that they have, have the old device add the new device as a recipient to all of the existing messages. This can be done by sending only the preamble of each message to the old client for it to decrypt the symmetric key, and re-encrypt the session key for the new recipient, and send the encrypted session key back to the server. Don't take any shortcuts. If a conversation is between Alice and Bob, and Alice adds a new device, never ask Bob to re-encrypt old conversations for Alice's new device, because Bob's answer will always be "Mein StasiPhone? I dunno if Alice added a new device. Fuck it, sure, why wouldn't I give Alice's new phone access?"

If your product as currently implemented gets many users, it's a statistical certainty that some of them will go to prison due to the false sense of security you're giving them. I hope they're all going to nice prisons in respectable countries and for doing things that are objectively evil.
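The device-authorization step described in the comment above, as an added example (not part of the thread and not ccPing's code). It substitutes OpenSSL RSA-OAEP key wrapping for the GnuPG key pairs the comment names; `Envelope`, the device names and every function name are hypothetical.

```ruby
require 'openssl'

OAEP = OpenSSL::PKey::RSA::PKCS1_OAEP_PADDING

# Envelope (hypothetical layout): AES-256-GCM body plus a preamble mapping
# each authorized device name to the session key wrapped for that device.
Envelope = Struct.new(:nonce, :body, :tag, :preamble)

# Per-device key pair; 4096-bit RSA is the minimum the comment asks for.
def new_device(bits = 4096)
  OpenSSL::PKey::RSA.new(bits)
end

# Encrypt msg under a fresh session key, wrapped for the sending device only.
def seal(msg, device, pub)
  c = OpenSSL::Cipher.new('aes-256-gcm').encrypt
  key = c.random_key
  nonce = c.random_iv
  body = c.update(msg) + c.final
  Envelope.new(nonce, body, c.auth_tag, { device => pub.public_encrypt(key, OAEP) })
end

# Unwrap the session key from one device's preamble entry.
def session_key(preamble, device, priv)
  wrapped = preamble.fetch(device) { raise ArgumentError, "#{device} is not a recipient" }
  priv.private_decrypt(wrapped, OAEP)
end

# Runs on the owner's OLD device, which is sent only the preamble: unwrap the
# session key and re-wrap it for the new device. The message body is not needed.
def authorize(preamble, old_name, old_priv, new_name, new_pub)
  key = session_key(preamble, old_name, old_priv)
  preamble.merge(new_name => new_pub.public_encrypt(key, OAEP))
end

# Decrypt the body on any device listed in the preamble.
def open_message(env, device, priv)
  d = OpenSSL::Cipher.new('aes-256-gcm').decrypt
  d.key = session_key(env.preamble, device, priv)
  d.iv = env.nonce
  d.auth_tag = env.tag
  d.update(env.body) + d.final
end
```

Only a device that already holds a wrapped copy of the session key can extend the preamble, which is why the other party in the conversation is never the one asked to authorize.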
A highly detailed explanation of how encryption is used, what type, etc., is most definitely needed on the product's website to make anyone vaguely trust this.

IMO, the app interface needs improving.

"ONLY you and your partners, who know the password, can access the secure messages"

Maybe I missed something, but how exactly is this "secure"? I'm assuming ccPing will still store these messages in a database which will be vulnerable to attack.

I mean, is this going through the TOR network or something?
Yet another closed-source "secure" messenger.
That's interesting, but if I was a Chinese dissident I would never trust a closed-source messenger.

(btw I would try it for sure if you'll port it to BB10!)