About 4 years ago, an attack method to reveal encrypted data that could be used, for example, to decrypt chat messages in Gmail or Facebook and many other “secure” connections on the internet, was uncovered. It was labeled CRIME (an acronym for Compression Ratio info-leak Made Easy). An offshoot of it was revealed in 2013, called BREACH (Browser Reconnaissance and Exfiltration via Adaptive Compression of Hypertext).

Those 2 attack methods have since been mitigated with subsequent updates on how encrypted traffic is handled by your browser, and a percentage of websites. But recently the BREACH attack method was revived. This was made possible because certain popular websites, like Facebook, have not really closed the door on the vulnerabilities that make the attack possible.

So careful with what you say in a Facebook or Google chat.

A chat application that doesn’t suffer from the above shortcomings? Wickr.