Tim HadleyMay 28, 2023
raptor 

Wow, just look at that timeline 🔥

#Testing a new encrypted messaging app's extraordinary claims

https://crnkovic.dev/testing-converso/

Testing a new encrypted messaging app's extraordinary claims

How I accidentally breached a nonexistent database and found every private key in a 'state-of-the-art' encrypted messenger called Converso.

crnkovic.dev
May 27, 2023 at 9:30pmWeb
Show threadstandevMay 27, 2023
@raptor @sarahjamielewis is working on Cwtch, an open-source metadata-resistant messaging app.
Show threadraptor May 28, 2023
@standev @sarahjamielewis good to know, thanks for the heads up!
Show threadLukMay 27, 2023
@raptor oof. Thanks for the read!
Show threadraptor May 28, 2023
@Luk you’re welcome. I just stumbled upon it and I loved both the crescendo of the vulnerabilities and the rollercoaster of the timeline 😅
Show threadDevil May 28, 2023
@raptor Rule of thumb: never trust closed-source
Show threadraptor May 28, 2023
@devil amen to that! Corollary: when it comes to security, never trust too much open source as well
Show threadfanf42May 28, 2023
@raptor @hacks4pancakes 🤯, wow. WOW.
The legal team menace is totally what you expect from such scammers