And why the hell should i use a app that is written by know poeple that prooven they have no clue about crypto? Why shouldn't i use one of the many apps that support OTR?
Cryptocat's private chat uses OTR. Our group chat function uses an open and studied multiparty protocol. Generally, our security bugs have been implementation errors much more than protocol design errors.
Surely, the best we can do as a community project is open up our code for more volunteers and experts to help and take a look. :-)
It's fine that you have faith in your product but I will believe what you say when other people outside the project confirm it, otherwise is just marketing.
I do not use gnupg because the creators say it's nice, I use it because everybody including their competitors says it's OK.
* Cryptocat: The original client. It's a signed browser extension that you download and install in your browser. It offers OTR implemented in JavaScript in a friendly chat interface. We take every precaution to make JavaScript more secure, such as using a signed browser extension to prevent code delivery MITM, using native cryptographically secure random number generation, and so on. More info on our JavaScript approach at my personal blog: http://log.nadim.cc/?p=33
* Cryptocat for iPhone: No JavaScript here! This is an app written in Cocoa Touch/Objective-C that implements OTR and our multiparty group chat protocol. It's really quite a simple app compared to what we had to do to put encrypted chat in the browser. It's new and needs review! Find bugs! Help a cool open source project! We'll send you rewards!
* Cryptocat for Android: No JavaScript here! This is an app written in Java that implements OTR and our multiparty group chat protocol. It's really quite a simple app compared to what we had to do to put encrypted chat in the browser. It's new and needs review! Find bugs! Help a cool open source project! We'll send you rewards!
All three clients are made to be 100% inter-operable.
Please tell me something that even approaches these conditions:
1. Implements OTR / Isn't a roll your own flawed cryptosystem like telegram?
2. Can be used by non technical users
3. Can be used on linux, osx, windows, ios and android?
4. Does not crash all the time (ios's chatsecure)
5. Is open source?
So far, unable to find it. It's easy to be a critic. Cryptocat and textsecure are the only two contenders, and right now cryptocat is the closest one to meet all of those conditions.
Doesn't have mobile integration and push notifications. I can't use it as a chat client on my iOS or Android device. There are many mature OTR chat clients for the desktop. Cool product although.
Surely, the best we can do as a community project is open up our code for more volunteers and experts to help and take a look. :-)