Back to home
Threat Model
Last updated: May 2026
What kryosette protects against
- Mass surveillance: No central server collects metadata or message contents.
- Third‑party data mining: No analytics, no tracking, no profiling.
- Network eavesdropping: End‑to‑end encryption and onion routing prevent intermediaries from reading or modifying traffic.
- Server‑side compromise: There is no server that holds user data, so there is nothing to breach.
- Content censorship: Peer‑to‑peer architecture makes it extremely difficult for any single actor to block content.
- Forced disclosure: We cannot hand over what we don't have. User data is local only.
What kryosette does NOT protect against (because the opposite has not been proven theoretically)
- Physical access to your device: If an attacker has physical access to your unlocked machine, they can access your local data.
- Keyloggers or malware on your system: The security of the Application depends on the security of the underlying operating system.
- Social engineering: No technology can fully protect against manipulation of the human element.
- Advanced traffic correlation attacks: While onion routing obfuscates your traffic, a powerful global adversary may be able to correlate network patterns.
- Rubber‑hose cryptanalysis: We cannot protect you if someone forces you to reveal your keys.