Wickr

Wickr is an American software company based in San Francisco.[1] The company is best known for its instant messenger application of the same name.

The Wickr instant messaging apps allow users to exchange end-to-end encrypted and content-expiring messages, including photos, videos, and file attachments and place end-to-end encrypted video conference calls.[2] The software is available for the iOS, Android, Mac, Windows 10, and Linux operating systems.

In November 2018, Wickr was chosen as a leader among the 10 selected emerging technology companies that research firm Forrester invited to participate in its independent evaluation[3].

According to the report, Wickr received the highest possible score of “differentiated” in the criteria of encryption and key management, user privacy and verification, performance, enhanced security or privacy functionality, customizations and integrations, deployment and management, vision and execution, and global reach and customer support[4].

Wickr
Private
IndustrySoftware
Founded2012
Headquarters
San Francisco
,
United States
Key people
Websitewww.wickr.com

History

Wickr was founded in 2012 by a group of security experts and privacy advocates.[5] Nico Sell served as the company's CEO until May 2015 when she became the co-chairman of Wickr and CEO of Wickr Foundation, the newly launched nonprofit whose seed funding was provided by the company.[6] Mark Fields, who previously led CME's Strategic Investment Group, became the company's CEO.[7] He served in that position until November 2016, when he was replaced by Joel Wallenstrom, co-founder of iSec Partners, becoming the company's CEO and President.[8][9]

Apps

Wickr Messenger

Wickr Messenger
Developer(s)Wickr Inc.
Initial releaseJune 2012
Operating systemiOS, Android, desktop
TypeInstant Messaging
LicenseProprietary
Websitewww.wickr.com

Initially unveiled on iOS and later on Android, the Wickr app allows users to set an expiration time for their encrypted communications.[10] In December 2014, Wickr released a desktop version of its secure communications platform. The release of the desktop Wickr app coincided with introducing the ability to sync messages across multiple devices, including mobile phones, tablets, and computers.[11]

All communications on Wickr are encrypted locally on each device with a new key generated for each new message, meaning that no one except Wickr users have the keys to decipher their content. In addition to encrypting user data and conversations, Wickr strips metadata from all content transmitted through the network.[12]

Since its launch, Wickr has gone through regular security audits by prominent information security organizations, which verified Wickr's code, security and policies.[13] Wickr has also launched a "bug bounty program" that offers a reward to hackers who can find a vulnerability in the app.[14]

On January 5, 2015, the Electronic Frontier Foundation gave Wickr a score of 5 out of 7 points on their "Secure Messaging Scorecard".[15] It received points for having communications encrypted in transit, having communications encrypted with keys the provider didn't have access to (end-to-end encryption), making it possible for users to independently verify their correspondent's identities, having past communications secure if the keys were stolen (forward secrecy), and having completed a recent independent security audit. It was missing points because its source code was not open to independent review, and because its security design was not well-documented.[15] In 2015, Wickr published a white paper outlining the encryption protocol that they use for end-to-end encryption.[16] However, the EFF is currently working on a new Secure Messaging Scorecard, and now that Wickr Me has an open source cryptographic protocol as of August 2017, this score is expected to rise.[17]

In August 2017, the company announced that its free consumer product Wickr Me, is now using the same crypto protocol, open for independent public review as its paid collaboration platform Wickr Pro.[18][19]

In February 2018, Wickr Me added free end-to-end encrypted calling with perfect forward secrecy.[2]

Wickr Pro

Wickr Pro
Developer(s)Wickr Inc.
Initial releaseDecember 2016
Stable release(s)
  • Android:
    5.14.3 (April 25, 2019) [±]
  • iOS:
    5.14.2 (May 2, 2019) [±]
  • Windows:
    5.14.6 [±]
  • Mac OS X:
    5.14.4 [±]
  • Linux:
    5.14.4 [±]
TypeCollaboration
LicenseProprietary
Websitewww.wickr.com

In December 2016, Wickr announced Wickr Professional (now Wickr Pro), a new business collaboration and communication product designed to couple the functionality of tools like Slack with end-to-end encryption and ephemerality.[20]

In February 2017, Wickr opened its crypto protocol for public review on GitHub and published a paper “The Wickr Messaging Protocol” as an aid to those who wish to review the source code.[21][22][23]

In July 2017, Wickr Pro added secure group calling and video conferencing allowing teams in different companies to place conference end-to-end encrypted calls.[24]

In November 2018, Wickr relaunched their most popular product that includes three plans. The basic plan allows the first 10 registered users to sign up free of charge, while experiencing Wickr Pro features such as 1:1 and group secure voice and video calling, secure screen share[25] and file upload, message expiration settings, and inviting Wickr Me users to cross-collaborate. Silver and Gold plans were also included as an upgrade paid feature for larger teams and enterprises [26].

Wickr Enterprise

Wickr Enterprise is Wickr's fully loaded, fully customizable product. Wickr Enterprise enables users to comply with any regulatory requirements – ranging from government, law firms, professional services, to enterprises with strict compliance requirements (HIPAA, GDPR, FINRA, FRA, etc.)[27]. Wickr Enterprise also provides a multi-cloud, customer hosted series of deployment options – in the cloud or on-prem.

Features

Wickr Open Access(™)

Wickr Open Access(™) is a smart VPN that permits users in Wickr Pro and Enterprise to overcome geo or weak WIFI challenges and disables network traffic from interfering [28][29]. Strict Wickr Open Access was added to give admins the ability to bump users to have Wickr Open Access always enabled.

Location Sharing

Location sharing was added in November 2018 for iOS and Desktop for Wickr Pro and Enterprise users.

My Status

My status was a new feature added to Wickr Pro and Enterprise that gives users the ability to share their online activity with other users. This can be enabled on a per-device basis, and from the admin console for all users. If show status is disabled in the network dashboard, it would turn off the feature for all users under the network, where nobody's status would be shared.

SSO

Single Sign On was added to Wickr Pro and Enterprise in June 2018 to help in making Wickr a more efficient and user friendly app[30].

SDK & White labeling

WickrIO SDK allows outside companies to utilize the functionality of Wickr's end-to-end encrypted message system, while promoting their own brand image. This feature is only available for Wickr Enterprise and Wickr Pro Gold customers[31][32].

Wickr Bot

Wickr Bot includes a Welcome Bot, and Calendar Bot that can help users with any problems they have within the app. The Welcome Bot helps in greeting new users and old users with forgotten passwords. The Calendar Bot is capable of listing events and creating new events on users’ calendars. 

WickrIO

Wickr integrates their products with multiple organizations in security, IT networks, federal, and government sectors[33]. Major partnerships include Merlin, Psiphon, Okta, vmware, and Aelius [34].

Funding

In March 2014, Wickr announced its Series A funding round of $9 million led by Gilman Louie of Alsop Louie Partners. The series also included investments from Juniper Networks and the Knight Foundation.[35]

In June 2014, Wickr announced its Series B funding round of $30 million led by Breyer Capital, including CME Group and Wargaming.[36]

Reception

In 2015, the Electronic Frontier Foundation announced that Wickr, among only nine companies earned stars in every applicable category for its effort to protect user privacy: “We commend Wickr for its strong stance regarding user rights, transparency, and privacy.”[37]

In 2017, the Electronic Frontier Foundation announced that Wickr, again among only nine companies who earned stars in every category the EFF evaluated in this year's report: “We applaud Wickr’s policies related to transparency and user privacy.”[38]

See also

References

  1. ^ MacMillan, Douglas (June 25, 2014). "A startup looks for business in secrecy". Wall Street Journal.
  2. ^ a b Ehrenkranz, Melanie. "Wickr Just Made It Easier to Keep Snoops Out of Your Next Conference Call". Gizmodo. Retrieved June 8, 2018.
  3. ^ Wickr. "Wickr Named a Leader in Secure Communications". www.prnewswire.com. Retrieved February 13, 2019.
  4. ^ "The Forrester New Wave™: Secure Communications, Q4 2018". www.forrester.com. Retrieved February 13, 2019.
  5. ^ Perlroth, Nicole (June 27, 2012). "An app that encrypts, shreds, hashes and salts". New York Times.
  6. ^ Lunden, Ingrid (May 6, 2015). "Encrypted Chat App Wickr Creates New Non-Profit Arm". TechCrunch.
  7. ^ Perlroth, Nicole (May 6, 2015). "Wickr adds a new chief executive and a nonprofit". New York Times.
  8. ^ Pfeifle, Sam (November 6, 2016). "New Wickr CEO looks to build on ephemeral messaging". iapp.org. The International Association of Privacy Professionals. Retrieved November 29, 2016.
  9. ^ Wallenstrom, Joel (November 6, 2016). "Wickr – Making Ephemerality & Encryption a New Norm". wickr.com. Retrieved November 29, 2016.
  10. ^ Sier, Jessica (May 29, 2015). "Apps to keep your messages secret in the data retention age". Australian Financial Review.
  11. ^ Scharr, Jill (December 4, 2014). "Wickr launches desktop private messaging application". TechCrunch.
  12. ^ Thompson, Cadie (February 6, 2014). "Snapchat rival hopes to pounce on security breach". CNBC.
  13. ^ Franceschi Bicchiera, Lorenzo (March 4, 2013). "Can the snapshot for grownups save you from spies?". Mashable.
  14. ^ Kirk, Jeremy (January 15, 2014). "Encrypted messaging startup Wickr offers 100k bug bounty". PC World.
  15. ^ a b "Secure Messaging Scorecard. Which apps and tools actually keep your messages safe?". Electronic Frontier Foundation. January 5, 2015. Retrieved September 29, 2016.
  16. ^ "Wickr Messaging Protocol" (PDF) (Whitepaper). Wickr Inc. 2015. Retrieved September 29, 2016.
  17. ^ Wallenstrom, Joel (August 18, 2017). "WICKR'S CORE CRYPTO GOES PUBLIC". medium.com.
  18. ^ Collier, Kevin (September 8, 2017). "Email Was The Soft Underbelly Of The Democratic Campaign. It Still Will Be". BuzzFeed. Retrieved September 8, 2017.
  19. ^ Wallenstrom, Joel (August 18, 2017). "WICKR'S CORE CRYPTO GOES PUBLIC". medium.com.
  20. ^ Greenberg, Andy (December 6, 2016). "This App Wants to Be Your Encrypted, Self-Destructing Slack". Wired. Retrieved December 7, 2016.
  21. ^ Conger, Kate (February 15, 2017). "Encrypted chat app Wickr opens code for public review". TechCrunch.
  22. ^ Eddy, Max (February 15, 2017). "Wickr Releases Crypto Protocol on GitHub". PCMag.
  23. ^ Wallenstrom, Joel (February 15, 2017). "Wickr's Core Crypto Goes Public". Wickr Blog.
  24. ^ Bracy, Jedidiah (July 14, 2017). "Wickr introduces secure group calling, video conferencing tool for the enterprise". IAPP. Retrieved November 6, 2017.
  25. ^ "Secure communications service Wickr is rolling out new free features". TechCrunch. Retrieved February 13, 2019.
  26. ^ "Product Tiers". Wickr. Retrieved February 13, 2019.
  27. ^ "Wickr Enterprise | Compliance-Ready, Scalable, and Secure". Wickr. Retrieved February 13, 2019.
  28. ^ tweet_btn(), Thomas Claburn in San Francisco 23 Aug 2018 at 22:56. "Wickr gets slicker with fresh network tricker: Privacy-protecting domain fronting alternative emerges". www.theregister.co.uk. Retrieved February 13, 2019.
  29. ^ Cox, Joseph; Maiberg, Emanuel (August 23, 2018). "After Google and Amazon Drop Anti-Censorship Support, Wickr Steps In". Motherboard. Retrieved February 13, 2019.
  30. ^ "Teams & Enterprises can now sign on with a single click on Wickr Pro". Wickr. June 7, 2018. Retrieved February 13, 2019.
  31. ^ "Product Tiers". Wickr. Retrieved February 13, 2019.
  32. ^ "Wickr Enterprise | Compliance-Ready, Scalable, and Secure". Wickr. Retrieved February 13, 2019.
  33. ^ https://wickr.com/wp-content/uploads/PDFs/misc/WickrIO.pdf
  34. ^ "Partners". Wickr. Retrieved February 13, 2019.
  35. ^ Fried, Ina (March 3, 2014). "Wickr secures $9 million to fund its privacy-focused messaging service". Recode.
  36. ^ Finkle, Jim (June 26, 2014). "Wickr raises $30 million; investors include CME Group, Wargaming". Reuters.
  37. ^ "2017 Who Has Your Back Report". The Electronic Frontier Foundation. Retrieved September 26, 2017.
  38. ^ "Who Has Your Back". The Electronic Frontier Foundation. Retrieved September 26, 2017.

External links

Benjamin Kunz Mejri

Benjamin Kunz Mejri (born 6 May 1983) is a German IT security specialist and penetration tester. His areas of research include vulnerabilities in computer systems, bug bounties, the security of e-payment payment services and privacy protection. Mejri is known for uncovering new vulnerabilities and making them transparent to the public.

Black Widow (Iggy Azalea song)

"Black Widow" is a song by Australian rapper Iggy Azalea, from her debut studio album, The New Classic (2014). The song's hook is sung by British recording artist Rita Ora, and its lyrics chronicle subjects of revenge and feminism in a failed romantic relationship. "Black Widow" was written by Azalea, Katy Perry, Sarah Hudson, Benny Blanco, and duo Stargate; the latter also produced the song. Initially a track recorded by Perry for her fourth studio album, Prism (2013), the song was excluded from its track listing, however Perry handed the demo to Azalea for her to complete.

On 8 July 2014, the song impacted on mainstream radio stations in the US as the fifth single from The New Classic and the accompanying music video for the song was released on 13 August 2014. "Black Widow" has been described as "channeling the trap" genre, containing an ominous steel drum rhythm, heavy bass and a sparse beat. The song peaked at number three on the US Billboard Hot 100, becoming Azalea's third top-five hit, following "Fancy" and "Problem". The song also became Ora's first top-three hit in the US. It has also reached number four in the UK and number fifteen in Australia.

Its composition has been the subject of music critics' comparisons to Perry's "Dark Horse". Other journalists, praised its beat and Azalea and Ora's vocals. "Black Widow" charted due to strong digital sales during the debut week of The New Classic. Accordingly, before becoming a single it achieved peaks of number 91 in the United Kingdom and number 86 in Australia, and appeared on several component charts. Azalea has performed the song live as part of the set list for her first headlining tour, The New Classic Tour (2014). The song is featured on the video game series Just Dance 2015.

Comparison of instant messaging clients

The current landscape for instant messaging involves cross-platform instant messaging clients that can handle one or multiple protocols so that internet users can communicate with multiple users at the same time. The following tables compare general and technical information for a number of instant messaging clients. See the individual products' articles for further information. External links may lead to extensions that add a feature to a client.

Dangerous (Big Data song)

"Dangerous" is a song by American electronic music project Big Data, from their debut EP 1.0 (2013) and their debut studio album 2.0 (2015). It features American indie rock band Joywave, with vocals being performed by the band's lead singer Daniel Armbruster.

Gilman Louie

Gilman Louie (born 1960) is a technology venture capitalist who got his start as a video game designer and then ran the CIA venture capital fund In-Q-Tel. He graduated in 1983 from San Francisco State University. He attended the six-week Advanced Management Program (AMP) at Harvard Business School in 1997.

Internet privacy

Internet privacy involves the right or mandate of personal privacy concerning the storing, repurposing, provision to third parties, and displaying of information pertaining to oneself via the Internet. Internet privacy is a subset of data privacy. Privacy concerns have been articulated from the beginnings of large-scale computer sharing.Privacy can entail either Personally Identifying Information (PII) or non-PII information such as a site visitor's behavior on a website. PII refers to any information that can be used to identify an individual. For example, age and physical address alone could identify who an individual is without explicitly disclosing their name, as these two factors are unique enough to identify a specific person typically. Other forms of PII may soon include GPS Tracking Data used by Apps, as the daily commute and routine information can be enough to identify an individual.

Some experts such as Steve Rambam, a private investigator specializing in Internet privacy cases, believe that privacy no longer exists; saying, "Privacy is dead – get over it". In fact, it has been suggested that the "appeal of online services is to broadcast personal information on purpose." On the other hand, in his essay The Value of Privacy, security expert Bruce Schneier says, "Privacy protects us from abuses by those in power, even if we're doing nothing wrong at the time of surveillance."

Jim Breyer

James W. Breyer (born July 1961) is an American venture capitalist, founder and CEO of Breyer Capital, an investment and venture philanthropy firm, and a partner at Accel Partners, a venture capital firm. Breyer has invested in over 40 companies that have gone public or completed a merger, with some of these investments, including Facebook, earning over 100 times cost and many others over 25 times cost. On the Forbes 2016 list of the world's billionaires, he was ranked #722 with a net worth of US$2.4 billion.

Mail1Click

Mail1Click Is a Secure email service, which uses encryption algorithm open source globally recognized as inviolable: TLS, RSA and AES.Mail1click generates an RSA key 4096 bits in length. A complete RSA key is composed from a Private Key and a Public Key. The private key is used to sign the messages sent and to decrypt the messages received by the key's owner. The public key will be used by any sender to encrypt a message to the key owner.

Mail1Click offers "free" and "paid" versions of service and this encrypted email service to provide both a web-based email and a downloadable app for each major operating system: Android, IOS and Windows.

Marcia Hofmann

Marcia Clare Hofmann () is an American attorney known for her work as an advocate of electronic privacy and free expression, including defending individuals charged with high-profile computer crimes, such as Edward Snowden, Marcus Hutchins, and Weev.

Reception and criticism of WhatsApp security and privacy features

This article provides a detailed historic account of the reception and criticism of security and privacy features in the WhatsApp messaging service.

SQRL

SQRL (pronounced "squirrel") or Secure, Quick, Reliable Login (formerly Secure QR Login) is a draft open standard for secure website login and authentication. The software solution typically uses a link of the scheme sqrl:// or optionally a QR code, where a user identifies via a pseudonymous zero-knowledge proof rather than providing a user ID and password. This method is thought to be impervious to a brute force password attack or data breach. It shifts the burden of security away from the party requesting the authentication and closer to the operating system implementation of what is possible on the hardware, as well as to the user. SQRL was proposed by Steve Gibson of Gibson Research Corporation in October 2013 as a way to simplify the process of authentication without the risk of revelation of information about the transaction to a third party.

SoftServe

SoftServe, Inc., founded in 1993 in Lviv, Ukraine, is a technology company specializing in consultancy services and software development.

SoftServe provides services in the fields of Big data, Internet of Things, cloud computing, DevOps, e-commerce, security, and experience design. With its United States headquarters in Austin, Texas and European headquarters in Lviv, Ukraine, the company employs more than 6,500 people in offices throughout the United States and Europe in 2013. It is one of the largest software developers in Central and Eastern Europe and the largest outsourcing and outstaffing IT company in Ukraine.

Telecommunications (Interception and Access) Amendment (Data Retention) Act 2015

The Telecommunications (Interception and Access) Amendment (Data Retention) Act 2015 is an Australian law that amends the Telecommunications (Interception and Access) Act 1979 (TIA Act) and the Telecommunications Act 1997 to introduce a statutory obligation for Australian telecommunication service providers to retain, for a period of two years, particular types of telecommunications data (metadata) and introduces certain reforms to the regimes applying to the access of stored communications and telecommunications data under the TIA Act.The Act is the third tranche of national security legislation passed by the Australian Parliament since September 2014. Pursuant to s 187AA, the following types of information need to be retained by telecommunication service providers:

Incoming and outgoing telephone caller identification

Date, time and duration of a phone call

Location of the device from which phone call was made

Unique identifier number assigned to a particular mobile phone of the phones involved in each particular phone call

The email address from which an email is sent

The time, date and recipients of emails

The size of any attachment sent with emails and their file formats

Account details held by the internet service provider (ISP) such as whether or not the account is active or suspended.The content or substance of a communication is not considered to be metadata and will not be stored. Twenty-two agencies including the Australian Security Intelligence Organisation (ASIO), state police forces, Australian Crime Commission, Australian Taxation Office and NSW Independent Commission Against Corruption (ICAC) are able to view stored metadata without a warrant. The only exception is the metadata of those defined under the Act as journalists. Under a concession driven by the Australian Labor Party, agencies need to seek a warrant before a judicial officer before they are able to view the metadata of journalists, whilst ASIO will need to seek permission of the Attorney-General.The Abbott Government's decision to introduce a mandatory telecommunications data regime led to considerable community debate. It was supported by law enforcement and national security agencies, including the Australian Federal Police and ASIO, who argued telecommunications data is critical to criminal investigations and that it is only through legislation that they can be assured that it will be available. The decision was opposed by a wide range of groups and individuals including journalists, human rights organisations and civil liberties groups. Their objections were made on a number of grounds, such as the consequences for journalism and journalistic practice, the non-proportionate and increasing encroachment of the privacy of Australia's population, and the effectiveness of the regime as a tool to combat crime.Questions over its cost and the consequences for the telecommunications industry, in particular small to medium-sized providers, have also been raised as arguments against mandatory data retention.While the Act is law, telecommunications and ISPs have an 18-month grace period to improve their systems and establish processes to comply with the legislation. Telstra has indicated it will store data it retains within Australia, but other telcos and ISPs are not obligated to do so under the law.

Vitruvian Partners

Vitruvian Partners is a European private equity firm focusing on leveraged buyout and growth capital investments in middle-market companies.

Vitruvian invests throughout the UK, Ireland, the Nordic region, Germany, Austria, Switzerland, France and the Benelux region. The firm has offices in London, Stockholm, Munich, San Francisco and Luxembourg.

The firm was founded in 2006 by former partners of Apax Partners, BC Partners and Bridgepoint Capital. In 2008, Vitruvian completed the fundraising for its inaugural €925 million fund, the Vitruvian Investment Partnership I ("VIP I"). In December 2013, Vitruvian announced that it had closed the fundraising of its second fund, Vitruvian Investment Partnership II (“VIP II”), at its self-imposed cap of £1 billion ($1.6 billion; €1.2billion). In June 2017 Vitruvian announced that it had closed the fundraising of its third fund, Vitruvian Investment Partnership III (“VIP III”), at the hard cap of €2.4 billion.

Warrant canary

A warrant canary is a method by which a communications service provider aims to inform its users that the provider has been served with a secret government subpoena despite legal prohibitions on revealing the existence of the subpoena. The warrant canary typically informs users that there has not been a secret subpoena as of a particular date. If the canary is not updated for the time period specified by the host or if the warning is removed, users are to assume that the host has been served with such a subpoena. The intention is to allow the provider to warn users of the existence of a subpoena passively, without disclosing to others that the government has sought or obtained access to information or records under a secret subpoena.

Secret subpoenas, such as those covered under 18 U.S.C. §2709(c) of the USA Patriot Act, provide criminal penalties for disclosing the existence of the warrant to any third party, including the service provider's users.United States secret subpoenas or national security letters originated in the 1986 Electronic Communications Privacy Act to be used only against those suspected of being agents of a foreign power. This was revised in 2001 under the Patriot Act so that secret subpoenas can be used against anyone who may have information deemed relevant to counter-intelligence or terrorism investigations. The idea of using negative pronouncements to thwart the nondisclosure requirements of court orders and served secret warrants was first proposed by Steven Schear on the cypherpunks mailing list, mainly to uncover targeted individuals at ISPs. It was also suggested for and used by public libraries in 2002 in response to the USA Patriot Act, which would force librarians to disclose the circulation history of any of their patrons.

Wicker (disambiguation)

Wicker is a hard fibre often used in the construction of baskets and furniture.

Wicker may also refer to:

Wicker (surname), a surname

Wicker (Sheffield), a street in Sheffield, England

Wicker (novel), 2005 novel by Kevin Guilfoile, also published as Cast of Shadows

Wickr Foundation

Wickr Foundation is a non-profit founded by Nico Sell, co-founder and co-chair of Wickr, end-to-end encrypted communications platform.The foundation operates a social-impact venture fund with a global mission to advance the Private Web and transform how society uses the Internet. In addition to educating the public on privacy and information security, Wickr Foundation is focused on incubating and investing in ideas that revolutionize user control and empower data ownership.The foundation is dedicated to providing information security and privacy training to human rights activists, policy-makers, children, and journalists, and leads several initiatives to raise global awareness on privacy and encourage the development of security-enhancing technologies.

Email clients
Secure
communication
Disk encryption
(Comparison)
Anonymity
File systems (List)
Service providers
Educational
Related topics
Protocols
(comparison)
Services
Clients
(comparison)
Defunct
See also

This page is based on a Wikipedia article written by authors (here).
Text is available under the CC BY-SA 3.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.