Table of contents
Privacy-focused
Cwtch is designed with privacy in mind, ensuring that user communications are end-to-end encrypted and metadata is minimized, which greatly reduces the chances of surveillance.
Decentralized
Cwtch operates on a decentralized infrastructure, which means there is no single point of failure or control, enhancing resilience against censorship and centralized control.
Open Source
Being open source, Cwtch allows users to examine and verify the security and functionality of the software, fostering transparency and community involvement.
Metadata-resistant
Cwtch minimizes metadata generation during communications, which helps in protecting user anonymity and privacy by not leaving digital traces that can be exploited.
Community-driven
As a project with community input and contributions, Cwtch benefits from diverse ideas and improvements, leading to a platform that reflects user needs and priorities.
We have collected here some useful links to help you find out if Cwtch is good.
Check the traffic stats of Cwtch on SimilarWeb. The key metrics to look for are: monthly visits, average visit duration, pages per visit, and traffic by country. Moreoever, check the traffic sources. For example "Direct" traffic is a good sign.
Check the "Domain Rating" of Cwtch on Ahrefs. The domain rating is a measure of the strength of a website's backlink profile on a scale from 0 to 100. It shows the strength of Cwtch's backlink profile compared to the other websites. In most cases a domain rating of 60+ is considered good and 70+ is considered very good.
Check the "Domain Authority" of Cwtch on MOZ. A website's domain authority (DA) is a search engine ranking score that predicts how well a website will rank on search engine result pages (SERPs). It is based on a 100-point logarithmic scale, with higher scores corresponding to a greater likelihood of ranking. This is another useful metric to check if a website is good.
The latest comments about Cwtch on Reddit. This can help you find out how popualr the product is and what people think about it.
Theoretically, Cwtch[1] would afford you this obfuscation assuming Tor is secure and your adversary isn't nation-state level. Similarly, using SimpleX private message routing via .onion message relays and the fact that the system has no identifiers can also afford you that obfuscation. [1] https://docs.cwtch.im/. - Source: Hacker News / 3 months ago
I guess something like Cwtch would be an actively maintained equivalent. https://docs.cwtch.im/. - Source: Hacker News / 8 months ago
Since Signal offers only narrow by-policy metadata privacy (unless you're on burner hardware), I'd ask them if they wanted metadata privacy, and if so, I'd point them to the direction of Cwtch https://cwtch.im/. I wouldn't recommend TFC unless endpoint compromise was part of their threat model. It's complicated and nuanced in the deep end of the pool. - Source: Hacker News / about 1 year ago
Your missing Tor, and metadata reducing messaging like https://cwtch.im/ Also Mullvad Browser is a worthy addition given that its basically Tor Browser with the VPN instead of Tor-gateway. Same excellent metadata reduction tweaks, and you don't have to configure anything. - Source: Hacker News / about 1 year ago
This snake oil is spreading like [Herpes] Simplex . Again, the company lies about queues (a programming technique) being a privacy feature. The application can not get rid of the metadata of server knowing which IPs are conversing, unless the clients explicitly connect to the service via Tor. The server must always know from which connection to which connection it routes packets. It's not a network hub, it's a... - Source: Hacker News / about 1 year ago
4sci35xrhp2d45gbm3qpta7ogfedonuw2mucmc36jxemucd7fmgzj3ad.onion (not a real one), and you'd register to it via IM client. Now you can't connect to the domain without Tor, so misconfiguring can't really hurt. So that covers name and IP. We'll assume the content was already end-to-end encypted so that leaks no data. Next, we want to hide the social graph, and that requires getting rid of the server. After all, a... - Source: Hacker News / about 1 year ago
Some other options https://cwtch.im/ (has better UX and security than Briar). - Source: Hacker News / about 1 year ago
Yeah. Also there's Ricochet [1] and its continuation Ricochet Refresh [2], but these only do 1:1 messaging AFAIK. Ricochet was a big inspiration for my project Quiet.[3] Cwtch [4] also deserves a mention, though it depends on ephemeral servers and isn't fully p2p. 1. https://en.wikipedia.org/wiki/Ricochet_(software) 2. https://www.ricochetrefresh.net/ 3. https://tryquiet.org/ 4. https://cwtch.im/. - Source: Hacker News / about 2 years ago
I like session (does not require phone number) but don't know anyone that uses it. Same for cwtch.im, but that is a bit more specific use case since its tor based. Source: over 2 years ago
It's called CWTCH. It's fairly limited but offers great anonymity. Source: over 2 years ago
Metadata protection (basically, defaults to Tor. E.g. Briar and Cwtch) so that only you can the recipient know when you communicate, how much etc. Source: over 2 years ago
Cool, I was wondering if https://cwtch.im/ was part of your research? Source: almost 3 years ago
Signal alternatives that are open source and cross-platform (at least Android and iOS compatibility): - [Jami](https://jami.net/) - [Berty](https://berty.tech/) - [Cwtch](https://cwtch.im/) - [SimpleX Chat](https://simplex.chat/) - [Status](https://status.im/). - Source: Hacker News / almost 3 years ago
Https://cwtch.im is looking pretty promising also. Source: about 3 years ago
Move off centralized platforms entirely and start using something like this https://cwtch.im. Source: about 3 years ago
That's why we split the terminology into content-privacy and metadata-privacy. These aren't made up terms, E.g. https://cwtch.im/ front page says the following. Source: about 3 years ago
I've also heard good things about https://cwtch.im/. - Source: Hacker News / over 3 years ago
Don't use Ricochet, use Cwtch or Briar or Matrix. I would recommend Session but it's not possible to do that until Lokinet is fully audited by someone other than the developers, or until they implement Tor by default in another fork because I can't possibly trust Lokinet over it. I also don't recommend Signal because it requires a phone number and I definitely don't recommend WhatsApp. Please stop using WhatsApp... Source: over 3 years ago
After reading this[0] I can't help but wonder how Alice talking to Bob will now be compromised by a third actor: Mallory[1]. From the Wikipedia article on Alice & Bob: > Mallory: A malicious attacker. Associated with Trudy, an intruder. Unlike the passive Eve, Mallory is an active attacker (often used in man-in-the-middle attacks), who can modify messages, substitute messages, or replay old messages. The... - Source: Hacker News / over 3 years ago
This is the homepage and this is where all the Cwtch related repos are located. Source: over 3 years ago
If you're comparing systems, I'd also look at Cwtch: https://cwtch.im/ They use tor exclusively and your chats are all real time, direct messages via tor. So I guess each identity you create also makes a new .onion address. Looks like no offline messages, but most of the IM systems in the 90s lacked offline message delivery and we did OK. Source: over 3 years ago
Do you know an article comparing Cwtch to other products?
Suggest a link to a post with product alternatives.
Is Cwtch good? This is an informative page that will help you find out. Moreover, you can review and discuss Cwtch here. The primary details have not been verified within the last quarter, and they might be outdated. If you think we are missing something, please use the means on this page to comment or suggest changes. All reviews and comments are highly encouranged and appreciated as they help everyone in the community to make an informed choice. Please always be kind and objective when evaluating a product and sharing your opinion.
