Connect with us

Hi, what are you looking for?



Wickr Announces General Availability of Anti-Censorship Tool

As the balkanization of the internet continues, traveling businessmen are left with concerns over the integrity of their communications from some regions of the globe. Increasing censorship, blocking and other restrictions in many world regions have left internet users unprotected because secure communications are banned.

As the balkanization of the internet continues, traveling businessmen are left with concerns over the integrity of their communications from some regions of the globe. Increasing censorship, blocking and other restrictions in many world regions have left internet users unprotected because secure communications are banned.

In some countries such as Saudi Arabia and UAE, says Wickr, enterprise deployments may be difficult because of the national Telco’s monopoly over networks. They restrict various end points and UDP, so all traffic goes through them for monetization or tracking purposes. As a result, some customers have to deploy outside of their region (such as India), to avoid having UDP packets get rate-limited and their tools rendered unusable. 

To help solve this problem, Wickr has announced the general availability of its secure open access protocol to circumvent censorship for all Wickr Me and Wickr Pro (via admin console) users. It combines unrestricted access and end-to-end encrypted collaboration features in a single app, no matter where users are located.

The enterprise version of the tool was announced in August 2018, with the promise that it would be rolled out to other versions of Wickr, including the free version, in the future. That roll out is confirmed today. The tool comes from Wickr’s collaboration with Psiphon. Psiphon describes it as a circumvention tool that utilizes VPN, SSH and HTTP Proxy technology to provide uncensored access to Internet content.

The Psiphon technology uses SSH as its core protocol. This prevents deep packet inspection by ISPs. On top of this, Psiphon has added an obfuscated-openssh layer that transforms the SSH handshake into a random stream, and adds random padding to the handshake.

When a Wickr client starts with Psiphon enabled, the client attempts to connect to up to 10 different servers simultaneously, and uses the first to be fully established. This minimizes user wait time if any of the servers are blocking certain protocols, are blocked by their address, or already running at full capacity and rejecting new connections.

This last point is important. It means that the Wickr/Psiphon product has value beyond just foreign travel. Domestic mobile workers often use low capacity public wifi with limited security. Wickr’s encryption can secure the content, while Psiphon ensures minimal delay in the communications.

Advertisement. Scroll to continue reading.

It is important to note that the Wickr/Psiphon tool is a communication optimization, security and anti-censorship tool — it is not an anti-law enforcement tool. “Wickr provides full transparency to both law enforcement and our users on the type of metadata that is collected through our products, as well as any data requests we receive,” CEO & President at Wickr told SecurityWeek. “The data we capture is very limited in scope to protect user privacy but done in a way that also supports law enforcement.”

ISPs, however, remain the weak link in any secret communication. “As to ISPs,” continued Wallenstrom, “they are in the business of monetizing user data and were given the green light to do so last year.” They can legally collect and sell the data they collect — but their storage of collected data presents a further risk. 

“The risk to users of exposure could be very high and breaches over the years have pretty much confirmed this,” he continued. “Short of stopping customer data collection and monetization altogether, ISPs should be transparent about what information they take and ensure proper safeguards are in place. In turn, users can limit their exposure by using privacy tools such as a VPN that masks browsing data from ISPs and encrypted messengers that protect sensitive communications from getting caught in a data sweep.”

Psiphon was started more than 10 years ago at Citizen Lab, one of the worldís top research hubs dedicated to building anti-surveillance tools. Psiphon was responsible for keeping access to Telegram during Iranian protests, WhatsApp in Brazil and other tools. “There are probably 30 to 40 countries in the world where governments, ISPs and security agencies are all colluding together to control the local population and economy,” Michael Hull, president of Psiphon Inc, told SecurityWeek. “This is the problem that Psiphon was founded to solve.”

San Francisco-based Wickr was founded in 2011 by Chris Howell, Kara Coppa, Nico Sell, at Robert Statica. It has raised a total of $73 million in venture funding.

Related: EFF Reviews Privacy Practices of Online Service Providers 

Related: Internet Provider Redirects Users in Turkey to Spyware: Report

Written By

Kevin Townsend is a Senior Contributor at SecurityWeek. He has been writing about high tech issues since before the birth of Microsoft. For the last 15 years he has specialized in information security; and has had many thousands of articles published in dozens of different magazines – from The Times and the Financial Times to current and long-gone computer magazines.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join security experts as they discuss ZTNA’s untapped potential to both reduce cyber risk and empower the business.


Join Microsoft and Finite State for a webinar that will introduce a new strategy for securing the software supply chain.


Expert Insights

Related Content

Artificial Intelligence

Two of humanity’s greatest drivers, greed and curiosity, will push AI development forward. Our only hope is that we can control it.

Cybersecurity Funding

Los Gatos, Calif-based data protection and privacy firm Titaniam has raised $6 million seed funding from Refinery Ventures, with participation from Fusion Fund, Shasta...


Many in the United States see TikTok, the highly popular video-sharing app owned by Beijing-based ByteDance, as a threat to national security.The following is...


Employees of Chinese tech giant ByteDance improperly accessed data from social media platform TikTok to track journalists in a bid to identify the source...

Mobile & Wireless

As smartphone manufacturers are improving the ear speakers in their devices, it can become easier for malicious actors to leverage a particular side-channel for...


The proposed UK Online Safety Bill is the enactment of two long held government desires: the removal of harmful internet content, and visibility into...

Cloud Security

AWS has announced that server-side encryption (SSE-S3) is now enabled by default for all Simple Storage Service (S3) buckets.