Peerio: Blog

How WhatsApp's Latest Security Bug Could Gaslight You

The latest WhatsApp vulnerability could let hackers impersonate you and gaslight your chat group buddies. Should you be worried? In the video below, our CTO Floh explains how the flaw works and why using end-to-end encryption is still a good thing. Transcript: Right. So WhatsApp has a gaslighting problem. Or rather, they have a vulnerability. That means that messages can be tweaked in a way that makes them seem like they’re possibly something other than what the sender intended them to be.

Filesystem Upgrade (or Unearthing the Hidden Excitement of Strong Foundations)

Within the next thirty years, there’s a 99% chance that California is hit by an earthquake so strong, it’s classified as “major”. How can 40 million Californians possibly deal with such a forecast? One possibility is to design earthquake-proof buildings. The strongest aspect of any structure designed to withstand a natural disaster of that magnitude lies it’s foundation. A properly engineered base transmits the charges of each seismic wave to the nearby land; this allows the building’s structure to adapt to the shaking earth, ensuring safety and stability even through tremors.

How to Build a Billion Dollar Password in 2018

We use passwords to defend our banking information, medical records, and personal communications, but how much do you really know about this little string of characters you trust to protect your data? Most people’s familiarity is limited to what they are told when signing up for a new service, something like “must be at least 8-characters long”, “include a number”, and “mix upper and lowercase characters”. And why would you want to know more?

Why Passphrases are worse for being better

Following the publication of How To Build A Billion Dollar Password, I spent an embarrassing amount of time diving deeper down the password rabbit hole. I conducted very deep research, ended up presenting at a conference dedicated to passwords, and then motioned to remove passphrases from Peerio entirely. Here’s how that happened and why passphrases are still pretty useful. Our passphrases worked. Originally we allowed users to select their own passwords.

Be Curious

“I have no special talent, I am only passionately curious.” – Albert Einstein Hi, I’m Jennifer, an ex cruise ship aerialist who has major FOMO working at a tech startup. Being a non-technical n00b working in cybersecurity gives me the opportunity to discover a whole new world. As the Community Advocate for Peerio, my job is to build and maintain long-lasting relationships with our users, ensure flawless onboarding experiences, and acting as a lifeline between you and the rest of the Peerio team.

Designing Secure Group Chat in Peerio

Last week, researchers from the Ruhr University Bochum released a paper revealing weaknesses in WhatsApp’s security design. Specifically, they discovered that WhatsApp’s servers have complete control over the user list in a group chat, meaning a malicious server could add members to the group. This effectively defeats the goals of end-to-end encryption, as anyone who’s able to access the servers — attackers, WhatsApp staff, or authorities able to legally prompt action from WhatsApp — could discreetly add whoever they want to an existing group.

3, 2, 1... Saying Goodbye to Peerio Legacy

We’re approaching the final countdown, the end of a year and a legacy. On January 8th, we will be shutting down Peerio Legacy permanently and launching into the future with Peerio 2!

4 Reasons to Move Your Data to a True Secure Cloud

In addition to being a true end-to-end encrypted collaboration and communication platform, Peerio is also an effortless secure cloud storage solution for your personal and work files. Whether you are at work or play, your data belongs only to you. Here’s why you should consider upgrading from your current storage solution provider. 1. Never Lose Your Files Keep a secure backup of your files in Peerio. Anything you upload will be encrypted on your device before being transferred, then stored, in at least three separate data centres.

Creating a Secure Workspace: Peerio Rooms

In today’s globalized economy, online communication has become indispensable for businesses. But online communication platforms also bring unprecedented risks that can seriously endanger your company. Business owners bombarded with the growing number of news reports about data breaches can often feel like they need to choose between communication and security. And for a long time, those sacrifices were unavoidable. But now, with end-to-end encrypted Peerio Rooms, you can finally create a secure space for your team to collaborate and work together.

Encryption Basics

"When you send something to your friend Rabbit, your message doesn't actually go directly to him." Lots of companies say that they encrypt data, but it’s important to know just what type of encryption they use. Unless companies specify that they use end-to-end encryption, they’re most likely only encrypting data in-transit and at-rest. Here’s how messaging apps generally work. When you send something to your friend Rabbit, your message doesn’t actually go directly to him.

The New Peerio: A Technical Deep Dive

Last week we released a complete rewrite of Peerio — our end-to-end encrypted messaging, email, file management and team collaboration platform. Our team has been working extremely hard over the past months to bring you a better, faster, more secure application. After touting the exciting benefits of our new architecture, we have now also published a detailed whitepaper. This document contains a deep dive into the keys and permission schemes of our KegDB system.

What is a Cryptographic "Backdoor"?

It’s been an exciting few months for Peerio as we approach our second anniversary this summer. We’re preparing to launch mobile clients for Android and iOS, professional plans for our heavy users, and we have a slew of features in the pipeline to improve overall user experience. As our team continues to grow, we’ve been accelerating development of a collaborative end-to-end encryption tool to ensure that everyone has access to a simple and secure platform to share private messages and files in the cloud.