In encrypted-messaging market, open source not only key to success
A couple months ago, one of the oldest encrypted, ephemeral messaging apps, Wickr, decided to open up its cryptographic code for the world. By allowing hackers and developers to examine their crypto code, it reasoned, it could earn a veritable security merit badge. And the approach had already boosted the appeal of another secure-messaging app, Signal.
At least on the surface, Wickr’s open-source move appears to be paying off. Scott Stender, vice president of cryptography at NCC Group, a British company that specializes in helping clients manage cybersecurity risks, says it influenced his company’s decision to use Wickr, which incorporates end-to-end encryption, to keep its internal communications private.
“We want to have some insight into its inner workings,” Stender says. Wickr’s open-source code “allows us to do our own independent verification of the protocol.”
That level of openness, of course, is no guarantee of success.
“Demonsaw’s lack of simplicity contributed to its demise.” — Eric Anderson, founder of encrypted file-sharing app Demonsaw
While open-source software components have helped developers build apps faster, security flaws in open-source code can be widely distributed and hard to fix, as was the case with the Heartbleed bug. There is no shortage of competition, as Gartner predicts that messaging apps will overtake social-media apps by next year. And even the most secure, stable, and well-positioned open-source apps need a smart user interface to catch on, acknowledges Eric Anderson, who developed the now-defunct Demonsaw almost entirely on his own.
The former video game designer and cryptography expert says Demonsaw, which he envisioned as an anonymizing cross between Dropbox and BitTorrent-style decentralized file sharing, struggled to gain adoption even among the hacker cognoscenti.
“Demonsaw’s lack of simplicity contributed to its demise,” he says. “I bit off way more than I could chew.”
Businesses and consumers have long prioritized sleek features and functionality. And numerous studies over the past few years show that underinvesting in (or outright ignoring) user experience development can cost sites and apps alike dearly. Slow-loading websites extracted a $2.6 billion toll from online vendors, and people rely far more on aesthetics than any other factor to determine whether a site is credible.
Wickr’s new CEO, Joel Wallenstrom, says app design and user interface are more important than ever.
“The companies that end up gobbling up market share don’t do it because they’re secure; they do it because they’re fast and loose with functionality,” he says. “Leveraging secure communications is important, but [success is] going to come down to customer satisfaction.”
Wallenstrom predicts that apps like Wickr will sit in employee’s software toolbox alongside better-known communications tools like Slack. Organizations, he says, will gravitate toward whatever helps them communicate fastest.
“But when discussing intellectual property, mergers and acquisitions, and corporate secrets, they need to move into something that’s secure.”