Thanks for the link. I actually checked the CVEs so far and read their 'security' page. I have only skimmed the article, however, if it's just reverse engineering the protocols, and you are still using somebody else's server, what's the biggest risk? Maybe a vuln in the client that won't be fixed as fast as the official client?