6 comments

[ 2.9 ms ] story [ 41.3 ms ] thread
Didn't know Discord doesn't encrypt messages. How do you go about doing it then? If I send a message, wouldn't it automatically go to Discord's server?
Just wait until you find out your Discord token is stored in plaintext in your browser, and if you have it compromised it bypasses your 2FA and password.
That is indeed another vulnerability of Discord.

Discryptor doesn't even require you to be logged into your Discord account (except for the authentication every now and then).

Nope, it gets encrypted in the Discryptor client first, then sent to the Discord bot, which forwards the encrypted message it to the recipient.
What is your explanation for using RSA instead of something modern?
I'm familiar with RSA and it is still considered secure. So for the proof of concept I was happy with it. Of course it could be replaced in the future.