![]() Any of these services could have done the same. For example, in December of last year, Slack booted from their service every user who had even once used an IP address in Iran. No current solution offers meaningful metadata protection for group collaboration (although keep an eye on mixnets in 2019.) Why is this a problem? Because often, metadata is the message. Wickr offers a free version but the company's focus is clearly the enterprise market, with compliance-friendly features that make it possible to provision/deprovision thousands of corporate mobile devices. The Slack alternative also integrates with censorship-circumvention proxy Psiphon, useful for traveling executives who want to ensure always-on connectivity regardless of coffeeshop block list or Great Firewall of China deep packet inspection. Wickr offers three-second self-destructing messages. Wickr is gunning for the enterprise market and is the most successful of the three end-to-end Slack alternatives we've discussed here, with one major caveat: Unlike Semaphor and Keybase Teams, Wickr is not open source, although it has published its cryptography code for public inspection. Semaphor is aggressively seeking to monetize its product, and its free trial only includes a maximum of five users before the paid tiers kick in, making it a poor choice for budget-strapped small- to medium-sized organizations, but potentially a good fit for larger enterprise users looking for zero-knowledge cloud storage and collaboration tools. However, SpiderOak has an excellent reputation and its use of the otherwise dubious "blockchain" buzzword comes across as an honest attempt to punch up an otherwise robust suite of end-to-end encrypted collaboration tools. SpiderOak's Semaphor, a Slack replacementĪ red flag for us was SpiderOak's touting of its use of a "private blockchain," which comes across more as a marketing gimmick than a security plus. SpiderOak is even planning to launch in 2019 NERC-CIP compliant storage and collaboration in the tightly regulated energy sector. ![]() Coyote bomb icon) that uses ephemeral keys with forward secrecy.įor small- to medium-sized teams, Keybase feels robust enough that it deserves a close look to see if it's the end-to-end encrypted Slack alternative that's right for your collaborative workspace needs.īrought to you by the fine folks at SpiderOak, who offer a zero-knowledge encrypted DropBox alternative (and there are as many reasons to drop DropBox as there are to drop Slack), Semaphor is an end-to-end encrypted Slack alternative with an enterprise edition that should satisfy most compliance departments. Teams does offer a self-destruct message feature (complete with cutsie Wile E. However, by default Keybase Teams messages do not offer perfect forward secrecy, a necessary usability trade-off, the developers argue. Keybase Teams with self-destruct messagesĭespite Keybase's origins in PGP land, crypto (as in cryptography) geeks will be pleased to know that Teams uses NaCl under the hood and not PGP. And any use now is grandfathered in." Keybase Adoption has yet to hit critical mass, meaning Keybase is offering early adopters what sounds like a "free forever" plan, writing in their launch blog post, "We eventually want to find a way for actual enterprises to pay, while keeping personal and community use free. ![]() CSO took Teams out for a test drive and found it surprisingly mature. spies will use mass surveillance tools to steal foreign intellectual property and share that IP with companies stateside.Ī breach at Slack of either the technical or legal variety would prove catastrophic to many organizations that rely on the service.įirst launched in 2014 in a post-Snowden attempt to bring PGP to the unwashed masses, Keybase now offers a Slack alternative called (wait for it) Teams. Global companies need to consider the real possibility that U.S. spies contemplated "cyber operations" to steal intellectual property (IP) from research and development centers around the world within the next five to ten years. According to a leaked document from the Office of the Director of National Intelligence - the Quadrennial Intelligence Review Final Report, 2009 - U.S. government (think PRISM), not to mention malicious insiders (as Twitter discovered the hard way).Ĭompanies with headquarters, or even employees, outside the United States may have particular cause to worry. It might come as a surprise that Slack, the ubiquitous collaboration tool that found success by slapping a slick GUI on top of IRC, is not end-to-end encrypted, creating a mounting pile of sensitive data on Slack's servers - data that's vulnerable to nation-state hackers, lawfare attacks by the U.S.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |