Hacker News: crnkovic

New comment by crnkovic in "“Super secure” messaging app leaks everyone's phone number"

crnkovic — Tue, 16 Dec 2025 00:19:26 +0000

Converso renamed itself to Freedom Chat after my blog post:

https://crnkovic.dev/testing-converso/

New comment by crnkovic in "Ask HN: Could you share your personal blog here?"

crnkovic — Fri, 07 Jul 2023 23:56:54 +0000

https://crnkovic.dev/

I write infrequently about things that interest me. My most popular: https://crnkovic.dev/testing-converso/

New comment by crnkovic in "Testing a new encrypted messaging app's extraordinary claims"

crnkovic — Thu, 11 May 2023 12:57:16 +0000

> whether the massive vulnerability you discovered was fixed.

Which massive vulnerability in particular? You'll have to be more specific, haha.

I confirmed the Firestore collections had some kind of server-side security rules added before publishing the post.

New comment by crnkovic in "Testing a new encrypted messaging app's extraordinary claims"

crnkovic — Thu, 11 May 2023 12:53:58 +0000

Glad you enjoyed it.

New comment by crnkovic in "Testing a new encrypted messaging app's extraordinary claims"

crnkovic — Thu, 11 May 2023 09:53:17 +0000

Who knows!

New comment by crnkovic in "Testing a new encrypted messaging app's extraordinary claims"

crnkovic — Thu, 11 May 2023 09:52:38 +0000

Thank you! Glad you enjoyed it.

New comment by crnkovic in "Testing a new encrypted messaging app's extraordinary claims"

crnkovic — Thu, 11 May 2023 07:50:28 +0000

Thanks! I'm glad you found it as interesting and thrilling as I did while discovering each (exponentially worse) mistake.

New comment by crnkovic in "Testing a new encrypted messaging app's extraordinary claims"

crnkovic — Thu, 11 May 2023 05:59:56 +0000

The problem with these tools is that they're extremely complicated to set up and use. Grandma wants a phone number, not a v3 Tor Onion Service address.

I'm interested in usable E2EE messaging apps -- that's what I compared Converso to. Whatever this is (I will read the docs some day) is in another realm.

Testing a new encrypted messaging app's extraordinary claims

crnkovic — Wed, 10 May 2023 23:15:33 +0000

Article URL: https://crnkovic.dev/testing-converso/

Comments URL: https://news.ycombinator.com/item?id=35894831

Points: 199

# Comments: 36

New comment by crnkovic in "Element is one of fourteen messaging apps blocked by Central Indian Government"

crnkovic — Fri, 05 May 2023 11:37:15 +0000

> This is basically an indirect validation that most non listed messaging apps supposedly offering e2e encryption such as Whatsapp or Signal have backdoors with access from any government asking for access.

More likely: the government doesn't want to cause 'too much' discomfort among ordinary citizens. The decision to not block popular apps such as WhatsApp is probably purely political.

Signal Groups V2 is a privacy downgrade

crnkovic — Fri, 05 May 2023 11:03:05 +0000

Article URL: https://crnkovic.dev/signal-groups-v2-is-a-privacy-downgrade/

Comments URL: https://news.ycombinator.com/item?id=35827662

Points: 2

# Comments: 0

New comment by crnkovic in "Bitcoin Exploit"

crnkovic — Fri, 05 May 2023 06:07:57 +0000

> if this was a non-issue they wouldn't be patching it

As far as I can tell, nobody is claiming it's a 'non-issue'. Rather, it's a minor issue with an impact that is greatly exaggerated or sensationalised by the person reporting it.

New comment by crnkovic in "Bitcoin Exploit"

crnkovic — Fri, 05 May 2023 04:41:33 +0000

This appears to be a description of a theoretical attack to cause a specific target networked Bitcoin node to consume quite a bit of bandwidth by returning blockchain data to the attacker. It doesn't seem like this would have any effect on the Bitcoin network at large, however. While I don't doubt that there exists an obscure client vulnerability that could be patched, it seems far-fetched and alarmist to categorise this as a "bitcoin exploit".

New comment by crnkovic in "Indian government bans 14 messenger apps including Element, Briar and Threema"

crnkovic — Tue, 02 May 2023 04:28:49 +0000

The blocked apps are:

1. Briar (decentralised encrypted chat app): https://briarproject.org

2. Crypviser (decentralised encrypted chat app): https://crypviser.network

3. Enigma (encrypted chat app): https://enigma.im/en/

4. Safeswiss (encrypted chat app): https://www.safeswiss.com

5. Wickr Me (discontinued encrypted chat app): https://wickr.com/me/

6. Mediafire (file hosting website): https://www.mediafire.com

7. BChat (decentralised encrypted chat app): https://bchat.beldex.io

8. Nandbox (unencrypted video/voice chat app): https://nandbox.com

9. Conion (encrypted chat app): https://play.google.com/store/apps/details?id=com.secapp.tor...

10. IMO (unencrypted video/voice chat app): https://imo.im

11. Element (encrypted chat app): https://element.io

12. 2nd Line (unencrypted VoIP app): https://www.2ndline.co

13. Zangi (encrypted chat app): https://zangi.com

14. Threema (encrypted chat app): https://threema.ch/en

Source: https://qz.com/india-has-blocked-14-messenger-apps-on-securi...