In recent days, a new messaging app called ‘Krypton’ has been gaining attention as a potential alternative to the renowned Signal messaging app. Despite claims of advanced encryption and privacy features on their website, an independent research has revealed that the app is a security nightmare, riddled with vulnerabilities.
Krypton’s promise of tight security and data privacy has been shattered due to its remarkably poor code, full of exploitable flaws that could potentially be used by malicious actors to gain access to user data. From serious issues such as encrypted data sent in plaintext to rudimentary mistakes such as failing to patch known vulnerabilities, the app is far from being a secure messaging alternative.
The independent audit explored the app’s source code closely and identified numerous security flaws. Some of the main issues included that the app uses an easily guessable cipher to store data; it also sends data unencrypted over the internet. Furthermore, it does not utilize the fundamental security techniques such as verifying the identity of the person with whom you chat, leaving the user vulnerable to fraud, scams, and identity theft. Krypton also fails to protect user data from prying eyes by not implementing multi-factor authentication.
The audit went further to conclude that the app fails to prevent man-in-the-middle attacks which are used to eavesdrop and manipulate information sent between two parties. It also has vulnerabilities in its password recovery system which could be exploited by hackers. Moreover, there is the serious issue of poor code design, a situation that could enable hackers to steal user data held on the app’s servers.
It is evident that the app contradicts its core promise of providing greater digital safety by having too many security vulnerabilities. With the messaging app having so glaring shortcomings, it is not hard to understand why it failed the independent audit.
Krypton’s poor security practices are concerning to digital privacy advocates and online users who expect better data handling practices from tech companies. It is now up to the app developers to take necessary security measures and improve the messaging app’s security if it is to have any chance of competing with Signal or any other messaging app of its kind. Until then, users should steer clear of Krypton and opt for more secure options that can protect their data from malicious actors.
Hey Subscribe to our newsletter for more articles like this directly to your email.