On Sunday, Jack Dorsey, CEO of Block and co-founder of Twitter, introduced a new open-source chat app called Bitchat, aiming to provide secure and private messaging without a centralized infrastructure.
The app utilizes Bluetooth and end-to-end encryption, distinguishing itself from traditional messaging platforms that rely on the internet. With its decentralized nature, Bitchat holds potential as a secure tool in environments where internet surveillance or accessibility is limited. According to Dorsey’s white paper outlining the app’s protocols and privacy measures, security is a top priority in Bitchat’s system design.
Despite these claims, the app has come under scrutiny from security researchers, as neither the app nor its code has undergone any security review or testing, a point Dorsey himself acknowledged.
Following the launch, Dorsey appended a cautionary message on Bitchat’s GitHub page, warning users about potential vulnerabilities and advising against reliance on its security until a review is conducted.
Subsequently, Dorsey added a “Work in progress” note next to the warning on GitHub, as security researcher Alex Radocea reported a flaw in Bitchat’s identity verification system that allowed impersonation and potential security breaches.
Radocea highlighted these security concerns, urging caution among Bitchat users and questioning the efficacy of the app’s security measures.
As additional issues emerged, including doubts over Bitchat’s claim of “forward secrecy” and a possible buffer overflow bug, concerns over the app’s security intensified.
In light of these findings, Radocea emphasized the need for thorough testing before endorsing Bitchat’s security features, cautioning against relying on its security claims prematurely.
Dorsey’s assertion that Bitchat had not been subjected to security testing was challenged by Radocea and other researchers; Radocea argued that external security review had in fact taken place and had revealed concerning vulnerabilities.
Ultimately, the security of Bitchat remains questionable, prompting calls for a comprehensive security assessment to ensure the app’s reliability and user safety.
