Wickr and the importance of open source for privacy and security

Well, they are getting to grips with policing the darknet, all the smart folk are now using wickr, some advertising on the clearnet.

1 Like

Wickr is an American software company based in New York City.

Does not seem smart to use a US based company to me, given recent events. Not that it really ever was.

1 Like

Wickr, as well as the New York base, is also propietary software - definitely not what smart people are using

Was is the key word. Most if not all was open sourced a while ago. Wickr, the encrypted messaging app, finally goes open source | ZDNet

Is is actually the key word, they were and are a propietary software company who make non-free software. Publishing some source code and doing some open-source-marketing doesn’t make a company a free software company.

A general rule of thumb I’ve seen in a few places when getting into privacy and security more seriously lately is to always opt for free and open source where possible. If I take that seriously as an idea, which I have been, then I’d only be tempted by Wickr if there weren’t FOSS alternatives - and there are loads of good ones. Element for example is excellent, Signal with a temporary phone number for sign up, both work on desktop and mobile. Learning GPG is on my to-do list, to give you a feel for where I am at.

Would you not consider this a good rule of thumb @neo? I was under the impression it’s a standard view among cryptography types.

(Apologies for upping the ante in this off topic discussion, felt I had to respond fully. Maybe a new wickr/foss topic, overworked mods).

In their case they are working to make money from corporate secure end-to-end messaging. So while not free they opened their source code to be examined externally. For security issues this is what is needed for external auditing rather then paid for auditing which they release what they want.

As far needing to be free, that depends on the market the product is going for. Its like a email provider (eg proton) where the source code is available for external viewing/auditing, but the company is after marketing their product to businesses to make some money. This means they are providing the infrastructure for the product to run.

To have free and open requires infrastructure to be provided by some method. For the Safe Network its is the people running the nodes. For Torrents (not secure) it is the users again.

The features of say “wickr me” (the free version) mean that its easy for anyone to use, like others as well. Its one option among a few.