This App Wants to Be Your Encrypted, Self-Destructing Slack


If you use a workplace collaboration tool like Slack or Hipchat, it’s easy to fall into an assumption of privacy, throwing around gossip and even sensitive business as if it were normal cubicle chatter. It’s not. Anything you write in one of those collaborative chatrooms can bestored, and is potentially vulnerable to government surveillance, hacking, ora subpoena in a run-of-the-mill lawsuit.

The encrypted-messagingstartup Wickr wants to solve that potential Slack-snooping problem. Today it’s launching Wickr Professional, software it hopes will be the most workablecombinationyetof Slack’s chatroom-based messaging, the privacy of encryption, and the ephemerality ofSnapchat-style self-destructing messages.

Unlike other collaboration tools, which encrypt messages as they travel from a user’s device to a company’s servers but storethose communicationsin an unencrypted state, Wickr uses end-to-end encryption. That means only the people on either end of a conversation can decrypt and read messages. That’s an important security step, but Wickr CEO Joel Wallenstrom argues that it’s really the software’s ephemeral messaging feature, which allows administrators and users to setself-destruction timers for messages as short as a few seconds,that sets Wickrapart.

“End-to-end encryption is kind of table stakes these days,” Wallenstrom says. “Were really trying to break through the idea that you haveto keep everything forever, and that just layering encryption on will save the day…Asettingthat makes secrets not stick around forever is a good thing.”

Wickr ProfessionalWickr

The notion that written records of sensitiveconversationscan come back to haunt their authors has been made especially clear over the last year: WikiLeaksillustrated it yet again with the leaked emails of the Democratic National Committee and Hillary Clinton staffer John Podesta that injected chaos into the party and Clinton’s campaign. Hulk Hogan’slawsuit against Gawker for publishing a video of him having sex dredged up embarrassing conversations from the media company’s Campfire collaboration software, including obscure wrestling sex jokes andat least one picture of an uncircumcised penis that Gawker’s editor-in-chief had shared with staff.

Locking Down the Water Cooler

Wickr hopes to capitalize on that growinganxiety over stored, sensitive conversations. Its Wickr Professional tool will expand thefeatures of its softwarebeyondthe free encrypted and self-destructing messaging app Wickr Messenger that it’s offered for more than three years, which the company says is now used by “millions” of people. (It declined tooffer a more specific user count.) It’s a booming market; Slack alone has explodedfrom two million daily users to four million in just the last year. Wickr also hopes to command a premium for its secrecy features. Wallenstrom says that a typical installation will cost about$50,000 a year fora company with a hundredusers, more than threetimes the cost of Slack’s premium version. “Its not free. Its a serious tool,” says Wallenstrom. “But for the things were helping them protect I think its pretty fair.”

Wickr Professional, like Slack, will allow users to create chatrooms for group messaging, share files, and eventually make audio calls, though that calling feature will only be added in the coming months. Unlike Slack, Wickr users will be able to set self-destructing message policies for both individualmessages orentire rooms, quickly erasing all traces of messages on some sensitive topics, while storing others for posterity. For bosses who want both end-to-end encryption and a alog of all conversations, or for regulated industries that require an auditable history, the software will offer a feature that acts as essentially another silent participant in conversations, recording everything without giving employees access to a chat log. The paper trail lives only with the bot. But in all other cases, it says its ephemeral messages will be erased completely—thoroughly enough that they can’t be leaked, handed over to FBI agents, or subpoenaed by Hulk Hogan’s lawyers.

Wickr Professional’s self-destructing message timer feature.Wickr

A Crowded Market

Wickr won’t be the first to offer end-to-end encrypted collaboration software. It will compete with a growing list of privacy-focused communication companies including SpiderOak, ClearChat, and Symphony. But unlike some of those tools, Wickr offers both self-destructing messages and perfect forward secrecy, an encryption feature that changes the encryption key with every message to make cracking its communications more difficult. And thanksto its Messenger app, Wickr already has an existing user base from which to draw—as well as around 20 customers for a beta version of Wickr Professional—and a decent reputation for security. Its advisory board includes renowned security researcherDan Kaminsky, and its earlier software has been audited by security firms iSec Partners, Veracode and Aspect Security, all of which gave Wickr Messenger a clean bill of health.

Even so, it may be too soon to trust Wickr’s encryption with your darkest secrets. Wickr Professional, like Wickr Messenger, remains closed source, which has prevented a wider crowd of cryptographers and security auditors from examining its code for vulnerabilities. Johns Hopkins computer science professor Matthew Green has written that this obscurity makes its real security a mystery. “Should I use this to fight myoppressive regime?” he asked of Wickr Messenger in 2013. “Yes, as long your fight consists of sending naughty self-portraits to your comrades-at-arms. Otherwise, probably not.” (Wickr has hinted atopen sourcing its code in the near future: A spokesperson tells me that the company has “exciting news soon on that front.”)

Still, even Green says he’s pleased to see companies like Wickr taking on the challenge of building security features into collaboration software. “It’s insane that companies have so much sensitive information on unencrypted tools like Slack,” he writes. “Being able to end-to-end encrypt that information is really compelling.” And if its timed message-destruction can prevent an embarrassment of WikiLeaks or Gawker lawsuit proportions, it may end up being the most compelling feature of all.

Read more: https://www.wired.com/2016/12/wickr-professional-encrypted-work-chat/

Filed in: Affordable Individual Health Insurance Tags: , , , , , ,

Get Updates

Share This Post

Related Posts

© 2018 Top Insurance Health. All rights reserved.