On Tue, 5 Mar 2013 10:16:12 -0800 Yosem Companys <compa...@stanford.edu> wrote:
> The cautionary tale that many reference is the case of Hushmail, an > encrypted mail service that used to claim that "not even a Hushmail > employee with access to our servers can read your encrypted email, > since each message is uniquely encoded before it leaves your computer" > — words that echo Wickr's own proclamations. Sell tells Mashable that > Wickr's "architecture eliminates backdoors; if someone was to come to > us with a subpoena, we have nothing to give them." They can, and will, be asked for "envelope data". Since wickr requires you create an account, they know who is communicating with whom, when, how often, and how much data. They may even know the file names transferred, even if they don't know the contents. They get to learn your email address and your IP addresses. This alone lets them build a nice social network map of you. As it's running on a mobile phone, wickr can learn GPS location, cell tower, altitude and lots of other data provided by the phone itself (name, contacts, etc) if they want to do so. And as a final thought, they will get preservation requests for messages from law enforcement. Since you're storing content on their servers, even if you think you control how long, they can copy off the messages (also for backups) for law enforcement. -- Andrew http://tpo.is/contact pgp 0x6B4D6475 -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
