Is there anything public as to methodology, coverage, and other test info? I'd really like to see how this test was performed and what was achieved during that time, for curiosity's sake.
Huh, looking at https://github.com/cryptocat/cryptocat/issues/581: "Ciphertext retrieval by joining from non-Cryptocat clients" -- isn't that just expected behavior, or am I missing something here?
What is the difference between that and someone listening on the network with a tool such as wireshark? It may be a little to get the ciphered text easier, but it doesn't weaken the security in any way.
From what I understand of Cryptocat, if said hypothetical third party could decrypt it, wouldn't the entire security model be broken with respect to said hypothetical third party?