ChatSecure v2.2 Released
ChatSecure v2.2 for iOS was approved by Apple today. One of the main new features is support for SSL certificate pinning, to help prevent man-in-the-middle attacks. A nice side effect of implementing this feature is that we now support alternative root CAs like CACert.org, which now means jabber.ccc.de accounts should work properly. This also means that if you run your own XMPP server with a self-signed certificate, you should have less problems connecting and can now verify and pin the SHA1 hash of your certificate before connecting. @davidchiles crafted a beautiful and simple interface that appears for each new certificate, including information about whether or not the certificate would pass the built-in iOS certificate checks:
We also implemented another highly requested feature: you can now enable automatic login for your accounts. Coming soon is support for Tor, SOCKS5, and XMPP account creation (XEP-0077).
Notable Changes
- XMPP: SSL Certificate Pinning
- XMPP: Support for non-standard root CAs like CACert to support jabber.ccc.de
- XMPP: Better support for self-signed SSL certificates via certificate pinning
- Support auto-login for accounts
- User interface improvements
- Security improvements
- Internal refactoring and code cleanup
- Fix many crashes
- Update 3rd party libraries
- Full Changelog
Special thanks to @vitalyster for the UI patches included in this version.
Download
Download it for free on the App Store and check out the source code on GitHub.