[liberationtech] Wickr - Leave No Trace
Jacob Appelbaum
jacob at appelbaum.net
Thu Jun 28 11:31:47 PDT 2012
On 06/28/2012 06:28 AM, Nathan of Guardian wrote:
> On 06/28/2012 04:58 AM, ilf wrote:
>> Opinions on this? Has there been any peer-review?
>
> Not as far as I know, but I think I can tackle it quickly here from what
> is on their website. Most of this is the usual open-vs-closed type
> issues, but still important to reiterate.
>
> I have also cc'd their privacy@ address so they can join the libtech
> list and respond if they choose. I should also disclose my well-known
> bias towards open source and open standards.
>
> PROS
> - it is free (as in free cheese samples at the grocery store)
> - they have some sense of user-oriented design/threat model design
> - their claimed data retention / privacy policies seem ideal
> - the claim that centrally stored data is minimal
Proof? What is claimed to be stored?
> - it comes with all that proclaimed "easy to use" and "just works"
> attitude that is part of the Apple iOS world; from screenshots, it looks
> simple enough to use
How do they deal with an active MITM?
> - better than an unencrypted SMS!
Heh - really? Probably... :)
>
> CONS
> - closed-source, no ability to publicly audit without some sort of NDA
Do they offer the ability to audit with an NDA?
> - includes "patent-pending technology" aka proprietary, encumbered, not
> an open/known standard
Sounds sketchy.
> - limited to distribution where Apple and partner countries allow it
Bad news.
> - only works on iOS
I assume they'll make an Android version too?
> - no perfect-forward secrecy, it seems, meaning any encrypted on a
> remote device, can easily be tied back to your wickr ID and/or your
> cryptographic key
Holy. Fucking. Shit.
So that basically says it all - where they say "Leave No Trace" what
they mean is "Leave a cryptographic trace!"
> - no information about client-to-server connection (SSL, TLS? resistant
> to man-in-the-middle attacks?)
Has anyone intercepted this data yet?
> - centralized service with no option of hosting your own
Bummer.
> - "Activist" is not one of their user stories/types that they have
> designed around, though they claim "freedom fighters" are among their
> existing users
That's hilarious.
> - based on their "third parties" policy, it seems their system design is
> susceptible to lawful intercept
Awesome! Nothing quite like a backdoor when you're using it to ensure
you "Leave No Trace!"
>
> Would I recommend it? Probably not, but I am curious to see what sort of
> mainstream uptake they might get, much in the same way I am curious
> about SilentCircle.com, which is offering a very similar set of promises
> as Wickr.
>
SilentCircle has Jon Callas and Phil Zimmermann. That's a totally
different ballgame. While I dislike that they're likely re-inventing the
wheel in a few places, I can't say that it's too similar.
All the best,
Jake