Skip to comments.Wickr: Free texting app has military-grade encryption, messages self-destruct.
Posted on 12/17/2013 1:21:43 PM PST by Yehuda
If you value privacy & security, then try the free, self-destructing encrypted messaging app Wickr so you can 'leave no trace.'
If you have an Android or an iPhone, & if you value privacy & security, then please do yourself a tremendous favor today by installing Wickr, a self-destructing messaging app that uses military-grade encryption for texts, pictures, audio, video & PDFs & also exceeds NSA's compliancy standards for Top Secret communications. Equally terrific, the experts behind Wickr say it's your data; you own it. Wickr is setup so it is technically impossible for its creators to access your messages. Like WhatsApp or Skype, it's free. Unlike those apps, Wickr uses Perfect Forward Secrecy, offering you a chance to "leave no trace." Wickr for iPhone launched more than a year ago, but now the Android version is here!
We can scarcely go a day without hearing about government surveillance or three-letter agencies pushing to have secret backdoors built into software. Nico Sell, CEO/co-founder of Wickr, said she was approached by the FBI at the RSA security conference. The agent asked for a secret backdoor, but Wickr said no.
The security & privacy experts behind Wickr believe privacy is a fundamental human right. They publish transparency reports [pdf] that show the number of government requests for data, not that they could hand over the content of Wickr messages even with a properly issued subpoena. By using Perfect Forward Secrecy, the "encryption keys are unique, used only once & then forensically destroyed. Each message is encrypted with its own unique key. Only the intended recipient(s) on the intended devices can decrypt the messages." Wickr severs do not even have the decryption keys, your messages can never be accessed, "therefore, no criminal or rogue government can take them from us."
(Excerpt) Read more at m.networkworld.com ...
You may not be a fan of reading privacy policies, but you really should check out Wickr's to learn how the app provides the best available privacy and anonymity features. "We canʼt see information you give us. Your information is always disguised with multiple rounds of salted, cryptographic hashing before (if) it is transmitted to our servers. Because of this we donʼt know - and canʼt reveal - anything about you or how you use the Wickr App."I have run this by a few people and no one seems to know much more than what's in these articles.
Deletion is forever. When you delete a message, or when a message expires, our "secure file shredder" technology uses forensic deletion techniques to ensure that your data can never be recovered by us or anyone else. You own your data. We do not share or sell any data about our users. Period.
If you have first hand knowledge / usage experience with WICKR, and/or the tech background to comment beyond the articles, please feel free to elaborate.
Two more articles/reviews:
Wickr Announces New Interface, App And Advisory BoardAnother review:
November 26, 2013
The Wickr team is brought together by the strong belief that private correspondence is a universal human right that is extremely important to a free society. Each day, the team works hard to bring this right to everyone, for free.
To bring private correspondence to the entire populace, it is going to take a team of world-class cryptographers, privacy advocates, policy experts, peace negotiators, internet rights activists, technologists and business geniuses. So that is exactly what we have assembled.
Wickr is supported by a powerhouse of advisors dedicated to defending this basic human right, including:
Brian Behlendorf - Apache, WEF, Mozilla, EFF
Ambassador Joseph DeTrani - Peace Negotiator, State, CIA [WTH?]
Whitfield Diffie - Cryptography God
Jerry Dixon - Former CyberCzar, DHS
Cory Doctorow - Sci-Fi Author, BoingBoing
Sue Dorf - IMG, Olympics
Lauren Gelman - Former Stanford, EFF
Lesley Gold - Former CNN, DNC
Dan Kaminsky - Saved the Internet
Paul Kocher - Cryptography God
Excellent! When will this be banned by the US, the EU, the UN....?
"We can scarcely go a day without hearing about government surveillance or three-letter agencies pushing to have secret backdoors built into software. Nico Sell, CEO/co-founder of Wickr, said she was approached by the FBI at the RSA security conference. The agent asked for a secret backdoor, but Wickr said no./sigh...
"The security and privacy experts behind Wickr believe privacy is a fundamental human right. They publish transparency reports [pdf]that show the number of government requests for data, not that they could hand over the content of Wickr messages even with a properly issued subpoena."
Love this review from the Google Play store
Kevin French November 20, 2013
Terrible terrible terrible Horrible app, don't waste your time... Just go to Facebook way better features and I feel like I'm not cooped up in a cave hiding everything I do like a criminal
GeronL please ping the Tech list? TIA.
(& if I don’t respond with much or anything please forgive, I am on a new/older phone 90% of the time, and typing is a royal PITO).
Found this at Forbes: "Wickr aims to make money with upgrades to a premium version that allows more recipients of a message..."
It may protect it during transmission but it is still vulnerable to the Chinese, NSA and other govt weenies. They’ve compromised the iPhone and Android operating system.
The NSA has probably also forced the company to give up their key. So they can unencrypt the messages.
“Have to wonder what their business model is. What are they selling if not you?”
You have a good point.
or somewhere else on the WWW the founder is interviewed.
He sounds like a bit of a hippie, and as someone with faster eyes than me noted, he doesn’t mention the Constitution as a reason for creating the app, but I think he mentions something about doing private label apps for companies.
as for that comment saying stay with facebook, I presume you are mocking that guy, or he’s being sarcastic...
Shadow Ace is the tech ping guy and I pinged
I took it as the guy trolling Facebook.
As to what they plan to make money on, I don't see any forswearing of collecting the meta data of where all these messages come from and go to. That information by itself is very powerful even without names or content. Besides its commercial value...
Using the collected metadata to build social networks
Why do they want to do that? What could social networks be used for in the hands of government? Consider:
How will such capabilities be used now? How They Hunt
Is it already too late?
The people who make stuff like that should stay anonymous if that is possible.
A federal marshal will show up with some legal paperwork. pretty hard to stay off the radar.
If they are American. If not the NSA will hack into their development systems and build a backdoor into the program.
Truckers need this.
How do we know this isn’t an NSA front to begin with?
This is silly. The NSA is sucking up large (if not all) quantities of data. It is doing it at will, storing it for later if needed. Do you honestly think ANYTHING you do to try to hinder that is going to work? Once the thought goes from your head into digital form it becomes available to the Gov’t.
Military Grade Encryption? Really? Really???? MILITARY GRADE? You mean encryption that was designed by/for the Government? Encryption that may have been compromised in the DESIGN stages?
These apps are either honeypots by the Gov’t or frauds looking to attract a bunch of users, start slipping in ads, then go public on the Nasdaq for the cashout. False sense of security that all it is.
Don’t be fooled. Face to face (away from your phone’s mic and camera) is the only way to truly be private.
Hey NSA - F.U.
Best thing would be to receive the text encrypted and manually enter it into an offline decrypting machine
I’m beta testing StartMail, said to have similar levels of encryption, and the servers are in The Netherlands.
I’m sure every terrorist on the planet downloaded it months ago.
So the NSA needs to be poking through my emails WHY exactly?
If your data (emails/whatever) is on a wire (or wireless), they are vulnerable.
Your email is NOT SAFER overseas, quite the contrary.
Think about how your email gets transported to that overseas server. It MUST go through undersea fiber or via satellite. Either of which are getting “tapped” by the NSA today!
Going overseas makes you even MORE at risk. Under our Constitution the Gov has every right (even duty some might say) to spy on INTERnational communications. There is no way that the NSA can distinguish between good guy vs bad guy data. That can only be determined AFTER the data has been sucked up (and stored for later use).
Your better off using a company here in the US that will not retain emails it transports.
Encryption only slows them down, it does not stop them.
if the recipient really wants a permanent copy,
they will likely find a way.
if you don’t trust the recipient,
change what you email to them
"We canʼt see information you give us. Your information is always disguised with multiple rounds of salted, cryptographic hashing before (if) it is transmitted to our servers. Because of this we donʼt know - and canʼt reveal - anything about you or how you use the Wickr App."
Depending on how you register / search for other users, it appears there may be some meta-data sucked out of all those anonymous records that they "say"they dont keep very long, but at this point, afaict, the only other comm alternative appears to be FTF.
Do you have alternative suggestions?
PS: "Is it already too late?" "How do we know this isnt an NSA front to begin with?"
I read PITN's last links (again...).
I'm no spring chicken, and I didn't have the honor or the privilege of serving, and I live (for now) in the PRNYC, so no real training beyond the rental range.
But if the only alternatives are giving up completely, or following Solzhenitsyn's advice, I'll take the latter.
SELinux is a set of kernel modifications and user-space tools that can be added to various Linux distributions. Its architecture strives to separate enforcement of security decisions from the security policy itself and streamlines the volume of software charged with security policy enforcement. The key concepts underlying SELinux can be traced to several earlier projects by the United States National Security Agency.
It has been integrated into the Linux kernel mainline since version 2.6, on 8 August 2003.
Bump for later
Got the app .... Thanks !!!
Hope yer well and have a happy and safe Christmas my friend.
Stay safe !
> Excellent! When will this be banned by the US, the EU, the UN....?
You mean will the government approach and pay them mega millions to tell us the program will shred our messages bu t actually send them to the NSA instead?
I know that. The whole point is to make them go through vast amounts of effort to extract nothing.
I would never communicate anything by any electronic means that I wouldn’t want to see attributed to me on CNN or in court.
Anyone who wants to know what I’m thinking can review all 122,527 of my FR posts and get a pretty good idea. Or if they are humor/irony impaired they’ll never get it sorted out...
tonyinv wrote: “Your better off using a company here in the US that will not retain emails it transports.”
What company in the U.S. do you recommend? Hushmail? Whoever it is, do we trust they will not retain because they say so any more than many won’t believe what these WICKR guys (and others) are claiming?
BTW, I presume null and void (and many others) use the proxy viewer on https://www.startpage.com as much as possible for online searches.
You presume correctly.
If nothing else it vastly cuts down on pop ups and spam.
Absotively. it’s my default search engine on the laptop and the phone.
Do you have a smartphone and do you use their app? I find it a PITO, as I can’t get the font up except by pinching the screen; imho they should have a “open found link in Safari” if the user decides he can afford to leave the proxy view.
Or at least a “copy link” option.
I don’t used my phone to cruise the web, my old tired eyes just aren’t up to it. I’ve got a nice billboard sized monitor on my desktop ‘puter.
> Wickr for iPhone launched more than a year ago, but now the Android version is here!
Not any currently practical ones. Wickr is probably the best immediately available.
The problem is inherent to the digital network. As long as you can map sender and receiver on a one-to-one basis you can build a social network that can, in the wrong hands, become a threat. I thought I had bookmarked a site that describes a protocol for encrypted internet via amateur radio. (I can't find the link now.) That would help somewhat because, being broadcast, there's no way to tell who is the receiver (despite what they do on Star Trek). That changes the mapping from one-to-one to one-to-many.
I don’t have any suggestions, because that company probably doesn’t exist, don’t even know if tha’ts “legal” anymore.
It really all comes down to what was said above, if you don’t want it on CNN, don’t transmit it on the internet.
Do u mean packet radio? Sailors (used to?) use it.
Tried it with family years ago w a 300 baud modem. Also a friend was using a sat phone modem in the bush years ago but I have no idea of the encryption possibilities.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.