It should be noted that this is the Popcorn Time fork that is actually <i>not</i> open source (unlike the original, and the other main fork). The VPN provider they are using here also seems to keep logs:<p><a href="https://en.kebrum.com/faq" rel="nofollow">https://en.kebrum.com/faq</a> (Technical Questions)<p>Oh, and according to these two posts, the app actually runs in an iframe with the code hosted externally with a non-secure connection:<p><a href="http://www.reddit.com/r/PopCornTime/comments/241y7i/remember_to_tell_anybody_that_time4popcorn_is/" rel="nofollow">http://www.reddit.com/r/PopCornTime/comments/241y7i/remember...</a><p><a href="http://www.reddit.com/r/time4popcorn/comments/24a7qd/why_time4popcorn_is_incredibly_dangerous/" rel="nofollow">http://www.reddit.com/r/time4popcorn/comments/24a7qd/why_tim...</a>