Anyone have thoughts on the Cloaked App?

Been using this for a few days (used it to sign up for the forum) and I’m super impressed. It’s a bit of a 3-in-1 product. It does:

1. Email - you don’t actually have an email address at all, just aliases, which is something I wish Proton did

2. Password Manager - In my limited experience, works better than 1Password at autofilling.

3. Aliasing - Not just emails, but phone numbers and passwords are all auto-generated with 1 click into 1 “identity”. All contacts (email, calls, texts) are sent to the app or can be forwarded to your phone number.

I see almost no information about this service online. Not on this forum, not on Reddit, not on YouTube.

It has potential to be a really great service. As of yet, I don’t see a lot of information as to how the information is stored or it’s security so I’m not giving it access to any sensitive passwords or anything.

Currently it only works in Chromium browsers (I use Brave).

They also plan to add payment aliasing in the future (a la privacy.com) which would make it a 4-in-1 banger.

What are your thoughts?

image1330×846 86.6 KB

I don’t think I’ve heard of this service. My first thought was that an all in one solid does not sound that good. If one account gets compromised, it’s all compromised. We already have good options for all three, so why combine them all?

That is probably the biggest reason why I wouldn’t mention it. Where is the data stored? How is it stored? What (if any) encryption ia used?

Let’s take a look at their website:

So the service is in “Early Access BETA”. Features are missing, so I’d argue it’s an ALPHA. If consumer facing features are not implemented, so what about backend features?

So, it’s not a “Cloaked” server. What is it? Google? Azure? Amazon? Is it configured correctly? There are so many leaks, because somebody screwed up the configuration.

What does that mean? It could literally mean they’re on the same database, on a different cell (potentially right next to each other). It could also be a completely different database, and in which case, are they both encrypted, and are they on the same server?

So… what is it? It’s not E2E, or they’d be bragging. Does Cloaked also have a key?

Looking at his LinkedIn, he seems to float around quite a bit. Not bad, but doesn’t inspire confidence. Is he looking to cash in?

Their blog doesn’t display the date on a lot of their posts. Only four show dates, which goes back to October 2022. No updates this year. Is this content, for contents sake, to fluff up the site?

Their Privacy Policy goes back to March 2022.

From a brief read, it sounds like they’re giving perfect excuses to get your personally identifiable information. Though, don’t hide the fact that they will use that data themselves, and share it with third parties (like Investors, and “outside contractors”).

The policy also claims that they have access to your Cloaked details. So we now know they have a backdoor, or a key, in that encryption.

Lastly, it also seems like they do a lot of logging, with user data being included.

Overall I won’t be in a rush to recommend this service, as I don’t trust it. Especially when there are better, more reputable (Open Source) alternatives. I’d love to be proven wrong, but I feel like they’re looking to be purchased.