“Developers of the Cryptocat application for encrypting communications of activists and journalists have apologized for a critical programming flaw that made it trivial for third parties to decipher group chats. The precise amount of time the vulnerability was active is in dispute, with Cryptocat developers putting it at seven months and a security researcher saying it was closer to 19 months. As a result, activists, journalists, or others who relied on Cryptocat to protect their group chats from government or industry snoops got little more protection than is typically available in standard chat programs.”
