Wickr

Company:

Wickr

Application Name:

Wickr

Assessment Technique(s):

Static Binary Analysis

Assurance Level:

High: Exploitation causes serious brand damage and financial loss with long term business impact.

Issue Date:

2/6/2013

Application Description:

Wickr is free app enabling anyone to send anonymous, private and encrypted messages and media that self-destruct. The Internet is forever. Your private communications don't need to be. 
View Details 

Headquartered in San Francisco, Wickr is comprised of top security and privacy experts who strongly believe private communication is a universal human right that is extremely important to a free society. 

Today, this right is almost nonexistent. Companies like Apple, Facebook and Google offer messaging that is archived, easily traceable, controlled by the recipient and shared with strangers.

We have flipped this concept on its head and are giving the control back to you, the sender. After all, who doesn’t want control of the messages and media they share with others? 

Wickr offers free worldwide text, audio, picture and video messaging with self-destructing media that is private, secure and anonymous. It clears metadata from files and permanently shreds deleted files from your device.
 

In its reviewed state, the Wickr met or exceeded the security score outlined in the Veracode Risk Adjusted Verification Methodology for an application at the assurance level specified above. Veracode’s risk adjusted verification methodology is based on respected industry standards including MITRE’s Common Weakness Enumeration (CWE) for classification of software weaknesses and FIRST’s Common Vulnerability Scoring System (CVSS) for severity and ease of exploitability and NIST's definitions of assurance levels.

 

While every precaution has been taken in the preparation of this document, Veracode, Inc. assumes no responsibility for errors, omissions, or for damages resulting from the use of the information herein. Due to the nature of software security testing, the lack of discoverable flaws does not mean the software is 100% secure.