Jack Dorsey says his ‘secure' new Bitchat app has not been tested for security
The app relies on Bluetooth and end-to-end encryption, unlike traditional messaging apps that rely on the internet. By being decentralized, Bitchat has potential for being a secure app in high-risk environments where the internet is monitored or inaccessible. According to Dorsey's white paper detailing the app's protocols and privacy mechanisms, Bitchat's system design 'prioritizes' security.
But the claims that the app is secure, however, are already facing scrutiny by security researchers, given that the app and its code have not been reviewed or tested for security issues at all — by Dorsey's own admission.
Since launching, Dorsey has added a warning to Bitchat's GitHub page: 'This software has not received external security review and may contain vulnerabilities and does not necessarily meet its stated security goals. Do not use it for production use, and do not rely on its security whatsoever until it has been reviewed.'
This warning now also appears on Bitchat's main GitHub project page, but was not there at the time the app debuted.
As of Wednesday, Dorsey added: 'Work in progress,' next to the warning on GitHub.
This latest disclaimer came after security researcher Alex Rodocea found that it's possible to impersonate someone else and trick a person's contacts into thinking they are talking to the legitimate contact, as the researcher explained in a blog post.
Techcrunch event
Save up to $475 on your TechCrunch All Stage pass Build smarter. Scale faster. Connect deeper. Join visionaries from Precursor Ventures, NEA, Index Ventures, Underscore VC, and beyond for a day packed with strategies, workshops, and meaningful connections.
Save $450 on your TechCrunch All Stage pass Build smarter. Scale faster. Connect deeper. Join visionaries from Precursor Ventures, NEA, Index Ventures, Underscore VC, and beyond for a day packed with strategies, workshops, and meaningful connections.
Boston, MA
| REGISTER NOW
Rodocea wrote that Bitchat has a 'broken identity authentication/verification' system that allows an attacker to intercept someone's 'identity key' and 'peer id pair' — essentially a digital handshake that is supposed to establish a trusted connection between two people using the app. Bitchat calls these 'Favorite' contacts and marks them with a star icon. The goal of this feature is to allow two Bitchat users to interact, knowing that they are talking to the same person they talked to before.
Dorsey did not respond to TechCrunch's request for comment sent to his Block email address.
A screenshot showing an example of a chat where an attacker has impersonated 'Bob' in a chat with 'Alice,' which Bitchat made it seem like it was really coming from Bob. (Image: Alex Rodocea)
On Monday, Radocea filed a ticket on the GitHub project to ask how to report the security flaw he discovered in the Bitchat Favorites system. Soon after, Dorsey marked it as 'completed,' without comment. (Dorsey re-opened the ticket on Wednesday, saying security issues can be reported by posting on GitHub directly.)
Another person reported concerns with Dorsey's claims that Bitchat has 'forward secrecy,' a cryptographic technique that ensures that even if an attacker steals or compromises an encryption key, that attacker still cannot decrypt previously-sent messages.
Someone also pointed out a potential buffer overflow bug, which is a common type of security vulnerability where a hacker can force a device's memory to spill out to other locations, opening the door for a data compromise.
Radocea warned that Bitchat users should not trust the app yet.
'Security is a great feature to have for going viral. But a basic sanity check, like, do the identity keys actually do any cryptography, would be a very obvious thing to test when building something like this,' Radocea told TechCrunch. 'There are people out there that would take the messaging around security literally and could rely on it for their safety, so the project in its current state could endanger them.'
Referring to his and other people's findings, Radocea criticized Dorsey's warning that Bitchat has not been tested for security.
'I'd argue it has received external security review, and it's not looking good,' he said.
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Yahoo
17 minutes ago
- Yahoo
How life insurance builds generational Black wealth
What if the secret to generational wealth only costs you one date night a month? In this episode of Financial Freestyle, Ryan Smith, vice president of Atlanta Life Insurance, reveals how life insurance isn't just for when you die - it's a powerful financial tool while you're still alive. Ross Mac and Ryan Smith break down the myths and spotlights why life insurance might be the most overlooked $70B side hustle in America. Listen and subscribe to Financial Freestyle on Apple Podcasts, Spotify, or wherever you find your favorite podcasts. Financial Freestyle with Ross Mac on Yahoo Finance is dedicated to promoting economic prosperity for all. Through expert insights, practical advice, and inspiring success stories, we empower you to build and grow wealth. Join us on this transformative journey toward financial freedom and inclusive economic growth. If you have the opportunity to give your family tax-free, um,Seven figure sums and even many of demise. Like that seems like that would be sort of life-changing across generations, right? And you can often do that um for the cost of one date night per month, right? Or sort of one pair of shoes. Welcome to Financial Freestyle here on Yahoo Finance, and I'm your host, Ross Mack. Now look guys, no matter where you are on your journey of building wealth, you can never stop learning, and that's why each and every week I'm giving you guys gems on gems and today's no different because we're talking to one of my really, really good friends, Mr. Ryan Smith, vice president of Atlanta Life Insurance. My guy Ryan, how are you living, baby? I'm good, but it's good to see you. How are you? Man, it's, it's remarkable to have you on here, to the people, to the, listen, let me let y'all in on the secret. I was a young intern at Morgan Stanley. It was very rough around the edges. I was probably like 19 years old, and Ryan was like, Yo, who's this kid and how they let him even get an internship? He pulled me and said like, look young fella, you got to tighten up. And for that, I'm gonna always be grateful, man, it was uh a pleasure to look out for you, man. I saw sort of the potential, just had to get the rules of the game too. I appreciate you, but look, man, obviously I know you and I look at you as one of the big homies and you've done a lot, but to the world, who was Ryan Smith? Who is Ryan Smith? Ryan Smith is a kid from the South side of Chicago. Um, grew up, my parents are still there, um, have 4 siblings, one of my sisters is still there. Um, but the reality is sort of good, the bad and the ugly are growing up in the South Side, it made me who I but also, um, started thinking through how to sort of maximize the good in that community, how to minimize the, the bad and the ugly, and also understanding sort of the common trends that exist in communities like the one.I grew up in, right? And so whether that's in Chicago, whether that's in DC, whether that's in Atlanta, whether that's in Los Angeles, sort of name your city, you often find it sort of these similar neighborhoods that are deprived of opportunity, um, but full of talent. And so I wanted to think through, um, how to unlock that talent, how to create more opportunity, and ultimately decided that my path would be building and investing in large scale minority owned with the belief that they would employ um from those communities and invest in those communities, um, and love on those communities in the way they deserve. And so that's the journey I've been on, um, and it's, it's been fun and it's been rewarding. I love to hear it, man. I love obviously what you're doing. Um, but the reason we're here right is because after you went into private equity with right alongside uh one of the greatest basketball players of all time, Isaac Johnson, you ended up buying the oldest black owned life insurance company. Walk me through that, help me understand one, why was that a great target company to buy, and then, you know, let's actually talk about what you're doingnow. Yeah, so like you said, right, I backed my way into sort of this insurance industry, um, which is huge, it's multi-trillion dollars, um, but had not paid that much attention to it been what now, 2014, um, had the opportunity to evaluate an acquisition opportunity which was an insurance company actually based in Chicago called Equirust, um, which is an annuities provider that began sort of the full on immersion into insurance. Um, frankly, that company is a weed oil machine run by a gentleman Eric Holloman and so discovered the that insurance products can be, right? So if you think about annuities, you think about sort of solving what's called longevity risks. People outliving their money. There's a lot sort of discussed about sort of the retirement crisis and people not having enough saved and annuities sort of help that all I have to say, um, looked for another opportunity to sort of, uh, do it again, became aware of Atlanta Life Insurance Company. And so for context, 120 years of existence, 120 years of service, founded by a man born into slavery who went on to become the first black millionaire in Atlanta, and he did that by serving and to serve. He served his community, providing them with life insurance at a time, um, that other corporations and other entities wouldn' sort of fast forward 120 years later, we shorten the next 100 years, and the mission remains the same. It is ensuring that people have financial protection and also an opportunity to grow their wealth. Um, and so we do that through an insurance perspective, but also with a belief and commitment to we do best when our policyholders do best, and for that reason, uh, we promote holistic wellness. So not only financial but and mental, and so often sort of in the community sort of engaging, uh, the communities where the policyholders or not, um, and ensuring that they're living sort of their best and their longest lives. And so it's uh, it's been sort of emerging of all my different passions into uh this current role, and it's uh it's been fun, it's been an honor, so enjoying the journey. That's awesome, man. Look, when I holistically about right building true generational wealth, a huge component of it is life insurance, right? And I think about the easiest way to build generational wealth is one, you just gotta be selfless by actually having life insurance, which you could then pass on to the next. So let's start really digging into it because I'm learning a lot more obviously through you and your company, but like first off, like what's the biggest misconception when it comes to lifeinsurance? It's a number of things. Oftentimes people overestimate the cost of it, right? And so to your point about sort of building generational wealth, if you have the opportunity to give your family tax-free, um,7 figure sums and the many a demise. Like that seems like that would be sort of life changing across generations, right? And you can often do that um for the cost of one date night per month, right? Or sort of one pair of shoes. Uh, and so people often overestimate sort of the value that you can get from a life insurance and then too there's often sort of this question, uh, about sort of how much somebody needs, right? Um, butWe actually have a calculator where you can actually input sort of all these sort of key variables throughout your life on wealth and and it can actually suggest the amount to you and sort of show you where you rank relative to others. Uh, but another piece that people miss is life insurance doesn't only sort of provide uh, when you've passed away. And I think that's sort of a significant difficulty of the conversation about life insurance. People don't want to think about their mortality, um, and think about passing along, but the reality is life insurance can do a whole lot for you while you're here. So, when it comes to the living benefits of life insurance, can you pleaseEducate the on that. Yeah, so, in the most basic sense, so if we talk about sort of permanent life policies, we've heard them referred to as whole life policies, universal life policies, um, and sort of index universal life policies, right? And so if you think about sort of theComposition of those entities. One, it is sort of ensuring that you have life insurance and a death benefit need any a demise, but the other piece of it is what's called cash value, right? And so every time you're paying premium, you're creating value um that can earn an interest rate, right? And there areof ways this interest rate can sort of be calculated, right? If it's whole life, um, it's typically sort of one rate if it is indexed to an index, um, it can often be sort of market driven, right? And so you get some elements of market returns with some downside protection and then there are other sort of variations of that sort of variable universal life, and that is sort of the asset component that people refer to, right? And so as you sort of accumulate that cash value over time, um, that is now sort of your asset to, uh, do things with, right? And so you can pull from that and sort of repurpose those dollars for other things, um, is, is really sort of what people are talking about in terms of utilizing that asset and so you getSomething that is giving you a variety of different purposes. Everything from your death benefit to what I'll call a savings vehicle that's earnings with a meaningful rate of return that also has safety and grows in a tax divert and sometimes tax-free manner. And so they call it the and asset sometimes, right? Because it just does a bunch of things. And then if we think about sort of one product, um, if you sort of take some of those funds out depending on the way you do a sort of dollar earnings perspective, you can still earn interest on that while also repurposing sort of those dollars into whether it be paying for school, paying for a wedding, funding a business and things of that sort and insurance can almost be like a Swiss Army knife um that can aid you throughout life and multiple capacities, right? And if we think about this relative to like a 529 education plan, right? So oftentimes you have children, uh people recommend you get your 529, which I'm perfectly fine with. I have one for my daughter, um, but you can alsoGet your child a permanent life policy, take the benefit of them being young and thus premiums being cheaper, and then just put the power of compounding on their side from the very beginning, right? And so if you think about this sort of illustratively, for $100 a month, when your child turns 18, they could have cash value of call at $300,000 right?And that $300,000 can be used to fund education. It could be to fund their business idea. It can do a variety of things. Uh, and all while still having that death benefit in place, so you're ensuring sort of, um, a generational sort of wealth transfer, um, and sort of the continuity of wealth, um, through sort of the, the future generations to come. That's heavy. We gonna, we gonna, we definitely got to get more into that. Look guys, we're gonna take a real quick break, but when we come back, we're gonna let you know even more about the different types of life insurance policies you can get, especially at Atlanta back to Financial Freestyle here on Yahoo Finance. I'm your boy Ross Mack and look guys, much like many other people, right, your favorite personal finance guy is either gonna be me, Ross Mack or Dave Ramsey. And as a result, right, a lot of people might listen to Dave Ramsey and one of the things he says is like, at the end of the day, all you need is insurance. And so, Ryan, I really wanna get your opinion on it. Theeasiest way to think about it is term life policies versus permanent policies, right? And literally, term life insurance products are called term because they are in place for a certain term, right? Sometimes that's 10 years, sometimes that's 20 years, sometimes it's 30 years, sometimes it's more, um, but it sort of depending on the features of this you are still alive, if you have a 30 year term policy and you are still alive at sort of year 30 and day one, then that policy can turn out. And so when you think about your question, if you think about Dave Ramsey, his perspective is often sort of just get a term policy and invest the I don't take issue with that on its face, right? It's just the completion of the, the, the mission, right? And so, yes, get a term policy. We sell term policies, but then what typically doesn't happen is people don't invest the rest. They spend the rest or they just don't right? And so, rather than with a permanent life policy, you get the sort of investment component as a part of your product. With a term policy, there is a secondary action that you then need to take to generate the investment return that you would get, um, and a sort of permanent policy, right? And so,It's a preference thing, right? I am a believer andPermanent policies sort of providing the best value, but I also understand the value of term policies and personally I have both. Um, and sort of, yeah, and so when we talked about sort of giving your family a seven figure sum upon your demise and that being the cost of one night out, that is probably a term policy. Uh, and if we think about sort of meeting everybody where they are and sort of with their variety of term policies are appropriate for many people. And so when we talk about sort of the life insurance protection gap.A key way to sort of ensure that we start getting people life insurance policies and the appropriate amount will often include term. And so again, I don't take issue with Dave Ramsey's perspective. Um, I do take issue when he attacks, uh, other forms of life insurance cause they all have their value, they all have their sort of method and approach, uh, and so two things can be true at once. You know, the one thing that is not often talked about, right? So say I, you know, I get married at 30.I get a 30 year term policy, right? So, I got, you know, million dollar term policy, $2 million.03 million dollars, whatever it is, but that's only for 30 years till I get to 60. At the end of the day, right? Actuaries, the people that are, you know, coming up with how much I should pay and you know, the people that are crunching the numbers for the goal is one for them to make money, right? And my understanding is less than 2% of term policies actually pay out. And so when I do,Get married at 30, have kids, and I turned 60, I then have no life insurance. And so if I want to get life insurance, now at the age of 60, that premium is considerably different than when I was at 30 because well now I'm closer to, you know, when I do pass away. And so another thing that, you know, I, I didn't take into account when I got my first term policy was, oh, it's cheaper, let me just do this, but the idea is thatWhen I turn 60, I now gotta take a brand new, you know, uh, gotta, gotta do a new physical and got to screen all my health, etc. And so now, as you can get older, right, and so like obviously I'm understanding now I'm doing more research, there's a lot of creative ways where you canYou know, maybe bump up the premium as you start to make more money or something, but like the idea of having a permanent policy does seem more attractive, especially as you can kind of customize it. So, talk about some of those customizable things that the average person doesn't even know about. Yeah, so again, right, like this isn't a mutually exclusive thing. You can have more than one life insurance policy. You can have more than one type of life insurance policy. Um, but as a general matter to the point you just younger you are when you get life insurance, the better, right? And the presumption is that sort of you are healthier at call it 20 or 30, then you will be at 60. And so when you think about sort of pricing a life insurance policy at 60, like that is when some elements of age uh sort of start to reflect themselves and and people find themselves having some health issues or just frankly you probably have more life behind you than you do in front of you, right? And so those are all considerations when it comes to pricing. Um, but one way people think about term is sort of matching it to a liability, right? And so to your point about 30 year term, getting it at 30.A lot of times it's because you have a 30 year mortgage, right? Or you have a child that was just born and you're trying to ensure um that you can support them until they are able to sort of financially support themselves on their own, um, but then there are a number of ways to sort ofAnd shortest you have coverage, the one of the easiest and and sort of why I advocate for permanent life policies because they're permanent, right? And so we don't have this issue. And so you go through your underwriting when you buy the policy, the policy, uh, assuming all goes well is issued, and now you don't have to worry about that so long as you sort of pay your but if we want to sort of think about this from a term perspective too, there's a weird, there's a way to sort of layer different term policies to cover different sort of amounts, different stages of life, different liabilities, different cash flows, uh, and some sometimes people do that. And so like there are myriad ways that you can can utilize life insurance and have it sort of address your needs, your life and then something that we take pride in here is, is sort of building a product that grows with you, right? And so if you think about sort of the normal expectation in someone's life, it's that sort of over the course of time, you earn more and more money, right?And so what that could mean for 21 year old Ross is that I can only afford sort of X amount of premium per month. But then 25 things start going better for me and sort of that same percentage say that was 1% of sort of my earnings, that equals a different number andSo that allows me to sort of have more premium, have sort of more cash value accumulation, etc. and so on and forth. And so at 30, at 35, at 40, so you have this permanent policy, you're paying your premiums, you can raise your premiums and thus accelerate sort of the growth of your cash what you now have is a product that literally grows with you, uh, and adjusts to the stage of life you're in, um, and becomes this asset for you, uh, that you can always have. I love it,man. Look, for the interest of time, I got one more question, but we could go all day, um, not even gonna lie, cause this is uh super for me, butWhere can people find out more information about just general, you know, life insurance questions? Yeah, so we understand that uh there are tons of sort of misconceptions, tons of unknowns, and so for that reason, we launched a financial literacy and insurance literacy called wealth and equity, and it can be found at wealth and And so on there you can learn about financial literacy, you can learn about life insurance, you can literally see video testimonies of the impact and the ways um that life insurance has impacted different people's lives, um, and so and and also to the point of people being unsure how much they need. You can literally go there, sort of put in the details of your unique circ like or situation, uh, and actually get an estimate of sort of how much life insurance you should have based on your unique circumstances. And we think that's sort of a huge equalizer and sort of bridge builder um for those who have concerns about it and furthermore we, you can get a quote and so you can understand sort of one, how much you need and how much that can cost, and then it's your choice on whether or not you and then one other thing I want to talk about, right, isI alluded to this earlier. So Limra, which is sort of the research body for life insurance, um, does a study every year. It's called the Barome study. Their most recent study said that 102 million American adults life insurance or need more life insurance. So relative to sort of what they have, like, for example, they may have a group benefits policy that covers one or two extra salary, that's drastically different when we talked about the figures of sort of needing 10X or 20X. Um, but if we think about sort of what that means from a dollar perspective, they say the gap is call it like.$25 trillion. Um, and if we think about what that means from a premium opportunity, that's $70 billion. If you think about, and that's on an annual basis, so $70 billion of premium on an annual basis. If you think about how life insurance is often sold, it's sold through so every sort of life insurance policy that you sell, um, you're able to generate commission and sort of you just heard the size of the opportunity, $70 billion a year in that's a significant sort of economic opportunity, and I'm all supportive but people sort of getting their real estate licenses and having side hustles, like there needs to be more consideration to this life insurance opportunity cause you're doing good, so you're getting people a product they need. You're protecting them, you're protecting their family, you're giving them something depending on the product that can be an asset. uh, and it can be a significant sort of income generation opportunity for and so, uh, I, I try and sort of tell more, more and more folks about this opportunity because it is vast, it can be lucrative, and you're literally, um, doing a good service by people by ensuring they have these things, and so, uh, go, go tell a friend. Well, that's a million dollars worth of game. People, let's give a roll welcome and thank you to my dog, Ryan Smith of Atlanta Life. And that's it for this episode. People make sure you tune in each and every week. Tell your mama, your auntie, and your cousins to tune in, subscribe, leave a comment, and share with somebody they love. Appreciate you, content was not intended to be financial advice and should not be used as a substitute for professional financial services. Related Videos Social Security checks are going paperless: What you need to know Goldman Sachs' Lotfi on Ending Overweight Credit Broadcom's record, Charter's Q2 miss, Newmont's buyback plan Palantir highs, Phillips 66 Q2 beat, Comcast's Versant spin-off Sign in to access your portfolio
Yahoo
17 minutes ago
- Yahoo
Palantir Stock Offers ‘One of a Kind Growth.' Should You Buy PLTR Here?
Palantir (PLTR) shares are extending gains today after a Piper Sandler analyst initiated coverage of the big data analytics firm with an 'Overweight' rating. In his research note, Brent Bracelin announced a $170 price target on PLTR, indicating potential upside of another 8% from here. More News from Barchart This Self-Driving Car Stock Is Surging on a Major Nvidia Boost UnitedHealth Stock Spirals Lower Again. Don't Buy the Dip. UNH Stock Falls as UnitedHealth Confirms DOJ Probe. How Should You Play Shares Here? Stop Missing Market Moves: Get the FREE Barchart Brief – your midday dose of stock movers, trending sectors, and actionable trade ideas, delivered right to your inbox. Sign Up Now! Bracelin's bullish call is significant given Palantir stock is already up some 150% versus its year-to-date low set in mid-January. Piper Sandler Downplays Valuation Concerns in Palantir Stock Brent Bracelin agreed that a forward price-earnings (P/E) multiple of more than 400x on PLTR shares makes them a 'high-risk' investment. But investors should own them, nonetheless, since they offer a 'one-of-a-kind growth plus margin model that if proven durable could grow into a $24 billion run-rate by 2032,' his reported added. The Piper Sandler analyst dubbed Palantir stock's explosive rally over the past three months a 'rise of the phoenix moment,' emphasizing that valuation alone shouldn't define this AI 'all-star.' PLTR Shares Could Extend Gains After Q2 Earnings on August 4 On Friday, the investment firm also dubbed Palantir shares a 'secular winner' within the artificial intelligence space. According to Brent Bracelin, the Nasdaq-listed firm will push further to the upside as it continues to gain share 'across two $1-plus trillion total addressable markets.' Piper Sandler's bullish note arrives only a week before PLTR is scheduled to report its earnings for the second quarter. Consensus is for the company to earn $0.08 on a per-share basis, more than 150% higher than the $0.03 a share it earned in the same quarter last year. If the Denver-headquartered firm beats these estimates, it could validate Piper Sandler's positive view and trigger another leg up in PLTR stock. Wall Street Recommendation: Pull Out of Palantir Now Investors should note, however, that other Wall Street firms recommend pulling out of PLTR shares following their meteoric rally since early April. The consensus rating on Palantir stock currently sits at 'Hold' only with the mean target of about $107 indicating potential downside of more than 30% from current levels. On the date of publication, Wajeeh Khan did not have (either directly or indirectly) positions in any of the securities mentioned in this article. All information and data in this article is solely for informational purposes. This article was originally published on Sign in to access your portfolio
Yahoo
17 minutes ago
- Yahoo
Everlight Solar Named Milwaukee's Top Choice Winner
MILWAUKEE, July 24, 2025 /PRNewswire/ -- Everlight Solar is honored to announce its recognition as a Milwaukee Top Choice winner for 2025. This community-powered award celebrates businesses that go above and beyond for the people they serve in Milwaukee, Wisconsin. Selected through public nominations and votes, this award highlights Everlight's commitment to its customers, clean energy, and community impact. "We want to thank the people who believe in our mission as we expand across the Midwest," said William Creech, President and CEO of Everlight Solar. "Our mission is to make going solar simple and affordable for homeowners, and Milwaukee is a great city we're happy to serve." Everlight Solar continues to grow its footprint in the region, providing professionalism and clarity with unmatched support throughout every step of the solar journey. Beyond energy, the company invests in the communities it serves through regular volunteer events and partnerships with local nonprofits like the Guest House of Milwaukee and Adopt-A-Highway. Everlight Solar would like to thank its customers, staff, and partners who voted and helped make this award possible. They remain dedicated to helping more Milwaukee residents harness the sun's power and are proud to be recognized as a trusted leader in the solar industry. For more information about Everlight Solar and to see if going solar is right for you, visit About Everlight Solar Everlight Solar is the fastest-growing solar company in the Midwest, with operations in Wisconsin, Minnesota, Idaho, Nebraska, Oregon, Utah, and Wyoming. Everlight Solar earned a spot on both the 2023 Inc. 5000 and 2024 Inc. 5000 lists in their first two years of eligibility. To learn more about open jobs or going solar for your home, visit View original content to download multimedia: SOURCE Everlight Solar Error in retrieving data Sign in to access your portfolio Error in retrieving data Error in retrieving data Error in retrieving data Error in retrieving data
