Still Under DDOS, but here is a status update anyway. The Tor network is breaking.
/d/OpSec icon


17,155 subscribers

Anonymous Planet Onion

Discussion of OpSec, Threat Models, Protection, Assessment & Countermeasures.

Vendors: /d/vendor_handbook.

While the focus of this community's OpSec discussions may center around Dark Net (DN) activity, all members of this sub are encouraged to think about, discuss, and share ideas relating to OpSec.

Important information about wickr

by /u/newbieforever2018 "You've got ★bail★" · 5 votes · 2 months ago

Apparently wickr user names are case sensitive. This has serious implications because it means that scammers can duplicate a vendor user name only changing the case to create a new account.

Thanks for the tip /u/RCLeon

Comments (13)
/u/NorthOfTheNeXus · 1 votes · 2 months ago · Link

didnt know that but good to know even tho i dont use it any more ;-)

/u/newbieforever2018 "You've got ★bail★" OP · 1 votes · 2 months ago · Link

Neither did I until a vendor asked me to change his wickr listing.

/u/dexhex8 · 1 votes · 2 months ago · Link

still dumbasses around who don't know this lame info??

always check letters' cases...not only in wickr

/u/newbieforever2018 "You've got ★bail★" OP · 1 votes · 2 months ago · Link

People continue to get scammed by people who create user names with only one character different than the actual vendor user name. It is important to keep people informed.

/u/footsteps · 1 votes · 2 months ago · Link

I would never touch Wickr for anything serious, no better than other pseudosecure apps like Telegram, Signal, Wire, etc...

How about Latin-like alphabets? Cyrillic, Armenian, Georgian, etc?

/u/GOUPIL · 1 votes · 2 months ago · Link

i am 100% with you. but i will maybe use some of these apps through virtualization with whonix

/u/teflonpann · 1 votes · 2 months ago · Link

Still better than fb IM or whatsapp or something like that.

At last they give false feeling of security like does your door lock but are you 100% safe?

/u/footsteps · 1 votes · 2 months ago · Link

not much better... i mean you can set disappearing messages in those apps, but in the end, your messages are on someone else's server, even if encrypted, and you are faced with having to ensure your app is not associated with any breadcrumb trail to your real identity. If your device is seized, and you are coerced into revealing the content of your app, protection is limited.

/u/teflonpann · 1 votes · 2 months ago · Link

But if you are dumb enough to get that associated to your id, isnt it your own fault?

Does every private or secure thing have to be made by others so we forget to question things?

/u/swordfish · 1 votes · 2 months ago · Link

wickr was banned ages ago on our SubDread, I wouldn't trust anything owned by Amazon. It is shutting down soon anyway.

Wickr, a provider of encrypted communications, has announced that its free encrypted messaging app, Wickr Me, would be discontinued in 2019.

Before being bought by Amazon’s cloud services behemoth Amazon Web Services in 2021, Wickr was one of the first widely used end-to-end encrypted messaging applications.

Amazon said Friday that Wickr Me would be discontinued permanently as of December 31, 2023. Amazon has announced that the app would no longer be allowing new users as of December 31, 2022, before being permanently retired the following year.

Because of its popularity among journalists and whistleblowers who want to exchange end-to-end encrypted and self-destructing communications, Wickr’s consumer-facing version will be taken down. It will not affect Wickr’s other products, which are used by governments, militaries, and businesses.

Wickr Me, Amazon’s consumer product, will be discontinued after the company decided to “concentrate Wickr’s focus on securing our business and public sector customers’ data and communications with AWS Wickr and Wickr Enterprise,” the company said. Amazon is also working on a way for Wickr customers to securely communicate with people outside of their organisation.

Reports surfaced that criminals were able to share photographs of child sexual assault using the company’s free chat service, prompting the closure announcement. Citing court filings, law police, and campaigners, NBC News reported in June that Amazon had done “nothing” to aggressively address the issue.

Apparently, drug sellers who had been pushed off the dark web after the shutdown of major illicit products markets like Silk Road flocked to Wickr’s, whose supporters include the CIA and controversial private security company Blackwater.

/u/newbieforever2018 "You've got ★bail★" OP · 1 votes · 2 months ago · Link

There are some messaging app pros and cons topics floating around to help people decide which to migrate to. Sensitive material should be pgp encrypted regardless which service is used.

/u/enhanceMDMA · 1 votes · 2 months ago · Link

Isn't the fact that it's been owned by Amazon for over a year enough to make anyone with half a brain reconsider utilizing that app? Hell, Signal is still a private company and I have a hard enough time trusting THEM.

/u/newbieforever2018 "You've got ★bail★" OP · 1 votes · 2 months ago · Link

Unless the software is completely open source it should not be blindly trusted. Signal also requires a phone number to sign up, not sure if those fake number services would work with it.