Category: Crypto/Security

The current coronavirus crisis is accelerating the use of virtual meetings by remote attendees. Unfortunately, increasing the use of virtual meetings also increases an organization’s security risks. Virtual meetings can be prone to unauthorized eavesdropping, corporate espionage, real-time harassment, and even sabotage and data theft.  10 Steps to Ensure the

I consider myself a privacy advocate. I read Orwell’s 1984 and want no part of it. But I’ve also been a kid with well-meaning parents, a well-meaning parent myself, a government employee, a small business employee, and a big business employee in a highly regulated industry. In those contexts, privacy

The single most important decision for Critical Data Protection Information is power. The things we say and send to each other can hold immense value to us as a business, as an organization or as a private citizen. Conversely, the information we share can create significant risk when we are

We’re all adjusting to the work-from-home new normal. Hopefully it’s a temporary situation and we’ll be back around the proverbial water cooler/espresso machine before you can say, “March Madness” (sigh). With 68% of global employees working from home at least once per month, it’s clear that remote work is on

Digital privacy protects users from the unauthorized use and abuse of their online data and communications. Many believe that digital privacy, like privacy itself, is a fundamental human right, necessary to protect people from unwanted interference in their online lives. Is digital privacy as essential as traditional privacy? Does it

Last month, we watched as Apple was once again pressured to break iPhone security mechanisms in order to assist in a government investigation. This time, the target was the Pensacola shooter’s iPhone. In 2016, when Apple was under similar pressure related to the San Bernardino shooter’s iPhone, virtually all tech

Somewhere in chapter 1 of any intro to information security textbook you’ll find a brief history of computing ending with a point that much of the woe we’ve faced in information security over the past 20+ years is due to the fact that when we initially built the underlying technologies,

The most common technique for building end-to-end secure messaging is the double-ratchet (DR) protocol. At Wickr we’ve spent quite some effort analyzing (and improving on) the DR (and its many variants). Despite this work, we have so far opted for a decidedly different approach with our secure messaging protocol. I

“All I needed was a foothold. Once I got that, it was just a matter of time.” -Every Hacker Ever Apparently, Iranian hackers have been busy exploiting various VPN vulnerabilities to gain footholds on corporate networks, then installing APTs, backdoors and such to expand their influence. First of all –

This blog post reports on some recent research we’ve been doing at Wickr together with cryptographers at NYU and IOHK. We’ve taken a closer look at the current proposal for the Messaging Layer Security (MLS) protocol – an upcoming open standard under development by the IETF’s eponymous working group. I’ll

This blog post introduces the new Messaging Layer Security (MLS) cryptographic protocol for end-to-end secure group messaging. I’ll talk about what it is, who is behind it, how Wickr is involved, and why we believe it matters. 1. What is MLS? With the growing use of instant messaging — not

We’ve all been there. Oh s—. That moment you realize you should have done more to prepare for days like today. I’ll bet some folks at Burisma experienced that moment recently. Reportedly, the Ukrainian gas company at the center of the political kerfuffle in the U.S. was targeted by Russian