Twitter Buys Mobile Security Startup Whisper - InformationWeek
IoT
IoT
Mobile
News
11/29/2011
09:57 AM
50%
50%

Twitter Buys Mobile Security Startup Whisper

Two-person development shop created software for secure text and voice communications on Android smartphones.

10 Companies Driving Mobile Security
10 Companies Driving Mobile Security
(click image for larger view and for slideshow)
Twitter has snapped up Whisper Systems, a two-person mobile security software development firm that was founded last year.

Terms of the deal weren't disclosed by Twitter, which confirmed the Whisper Systems acquisition in an emailed statement. "As part of our fast-growing engineering team, they will be bringing their technology and security expertise to Twitter's products and services. We're happy to have Moxie and Stuart onboard," it said, referring to the Whisper's sole two employees: Stuart Anderson, and a researcher who goes by the name of Moxie Marlinspike.

Marlinspike is well known for exposing flaws in the digital certificate ecosystem, as well as developing a solution: Convergence, a tool that's designed to crowdsource certificate authenticity.

[ Security skills are in big demand. Read Best Paying IT Security Jobs In 2012. ]

But digital certificate fixes and smartphone security haven't been a focus for Twitter, which is a social networking and microblogging service. "Twitter isn't in the business of providing secure communications tools to end-users. - Hell, it still doesn't even use HTTPS by default," said security and privacy researcher Christopher Soghoian, via Twitter. "I'm struggling to understand this deal."

One explanation is that Twitter was shopping more for talent than mobile security technology. Indeed, all of Whisper's five products, which secure Android devices and communications, remain in beta. That includes secure-texting (TextSecure) and encrypted-voice-communications (RedPhone) software. Other products include Android data protection and full-disk encryption software WhisperCore, as well as Flashback, for saving encrypted Android backups to the cloud. Marlinspike has said previously that while the company's initial products were developed for Android, the company planned to extend them to Apple's iOS, as well as BlackBerry devices.

Twitter has declined to detail its exact plans for the existing Whisper Systems technology. But Marlinspike and Anderson said in a statement posted to the Whisper Systems site on Monday, where news of the acquisition first appeared, that "the Whisper Systems software as our users know it will live on (and we have some surprises in store that we're excited about), but there is unfortunately a transition period where we will have to temporarily take our products and services offline." As of Monday, notably, "RedPhone service will be interrupted immediately, but FlashBack users have a month to pull off any backup data they would like before that service also goes offline," it said.

Anyone relying on RedPhone to encrypt their communications would have likely encountered the service interruption firsthand. As noted by the Register, "dissidents and others who need RedPhone to encrypt their Android calls have no ability to use the service--and they have the Twitter acquisition to thank for the disruption."

That's relevant since Whisper Systems had made TextSecure and RedPhone, previously available only in the United States, available to Egyptian users after mass protests against the regime of Hosni Mubarak broke out in Cairo and Alexandria early this year. According to news reports, the government was conducting a massive surveillance campaign, including monitoring--and at times, blocking outright--SMS, voice communications, people's PCs, as well as Internet channels, including Facebook and Twitter.

Apply advanced analytics to the sales pipeline, Web traffic, and social buzz to anticipate what’s coming, instead of just looking at the past. Also in the new, all-digital issue of InformationWeek: A practical guide to biometrics. Download the issue now. (Free registration required.)

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
How Enterprises Are Attacking the IT Security Enterprise
How Enterprises Are Attacking the IT Security Enterprise
To learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Register for InformationWeek Newsletters
White Papers
Current Issue
2017 State of the Cloud Report
As the use of public cloud becomes a given, IT leaders must navigate the transition and advocate for management tools or architectures that allow them to realize the benefits they seek. Download this report to explore the issues and how to best leverage the cloud moving forward.
Video
Slideshows
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
Join us for a roundup of the top stories on InformationWeek.com for the week of November 6, 2016. We'll be talking with the InformationWeek.com editors and correspondents who brought you the top stories of the week to get the "story behind the story."
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Flash Poll