Twitter Purchases WhisperCore – Full Disk Encryption For Android Phones


This is certainly an interesting acquisition and not one I would have expected, I’m not even exactly sure what Twitter is planning and why they would want a company focused on mobile encryption (and specifically on the Android platform).

I can’t see any real corporate use for Twitter, so they won’t be pushing the security aspects of it in terms of the application. Perhaps it’s just an equity play and has nothing to do with Twitter, or perhaps they have another offering up their sleeves which isn’t public yet.

Twitter may be planning to boost its mobile security options with the acquisition of Whisper Systems, a company that offers security products for Android phones.

Whisper Systems’ offerings include WhisperCore, software that enables full disk encryption as well as management tools for Android phones. It’s free for individual users while enterprise customers pay for the software. Other Whisper Systems products include text encryption, voice encryption, firewall software and encrypted backup.

In a blog post about the acquisition, Whisper Systems didn’t say much about what Twitter might be planning to do with the technology. “Now that we’re joining Twitter, we’re looking forward to bringing our technology and our expertise into Twitter’s products and services,” the company wrote on the blog.

It said that Whisper Systems software will continue to be available but that during a transition period the company will take the products and services offline. In a forum on Whisper Systems’ website, people who are apparently unaware of the acquisition are already wondering why they can’t download products. Twitter did not reply to a request for comment about its plans for the technologies.

The only path I can see, obvious path that is, would be for Twitter to integrate the encryption technology offered by WhisperCore into the official Twitter apps – making them more secure in both storing data locally and in transmitting data over insecure networks.

I don’t see how it really offers any value though, it’s not like anyone is actually sending anything important out over Twitter – apart from the odd DM (Direct Message) I would imagine.

It’ll be interesting to see what direction they take though and if we can actually find out why this acquisition took place.


WhisperCore has a number of features designed to make up for security shortcomings in Android. For instance, WhisperCore users can selectively revoke permissions that an app requests while allowing the user to still use the app.

The software also includes a feature aimed at thwarting someone who has stolen a phone from determining the phone’s unlock code based on finger smudges on the screen. Some Android phones display rows of dots and a user unlocks the phone by dragging a finger over certain dots in a set pattern. An attacker might be able to recreate the pattern by examining finger smudges on the screen. WhisperCore displays unlock numbers in a column, so an attacker doesn’t know in which order the user hits the numbers to unlock the phone.

Earlier this year Whisper Systems released a software development kit so that developers could start building some WhisperCore features into their applications.

Few other companies are doing full disk encryption for Android, although there are many other companies taking other approaches to securing Android phones. Companies like 3LM and Good Technology offer mobile security services for enterprises. In addition, mobile device management products from companies including Sybase, BoxTone, Zenprise, Mobile Iron and Fiberlink let IT managers set basic policies like password requirement and remote wipe, and offer additional security capabilities.

The other whacky idea could be to make Twitter into a dual-functioning security product – I don’t really see how that would work though. Social Networking + Device security = confused users.

If anyone has any bright ideas as to why you think this deal took place, do drop them in the comments section below.

Source: Network World

Posted in: Countermeasures, Cryptography, Privacy, Security Software, Web Hacking

, ,


Latest Posts:


dSploit APK Download - Hacking & Security Toolkit For Android dSploit APK Download – Hacking & Security Toolkit For Android
dSploit APK Download is a Hacking & Security Toolkit For Android which can conduct network analysis and penetration testing activities.
Scallion - GPU Based Onion Hash Generator Scallion – GPU Based Onion Hash Generator
Scallion is a GPU-driven Onion Hash Generator written in C#, it lets you create vanity GPG keys and .onion addresses (for Tor's hidden services).
WiFi-Dumper - Dump WiFi Profiles and Cleartext Passwords WiFi-Dumper – Dump WiFi Profiles and Cleartext Passwords
WiFi-Dumper is an open-source Python-based tool to dump WiFi profiles and cleartext passwords of the connected access points on a Windows machine.
truffleHog - Search Git for High Entropy Strings with Commit History truffleHog – Search Git for High Entropy Strings with Commit History
truffleHog is a Python-based tool to search Git for high entropy strings, digging deep into commit history and branches. This is effective at finding secrets accidentally committed.
AIEngine - AI-driven Network Intrusion Detection System AIEngine – AI-driven Network Intrusion Detection System
AIEngine is a next-generation interactive/programmable Python/Ruby/Java/Lua and Go AI-driven Network Intrusion Detection System engine with many capabilities.
Sooty - SOC Analyst All-In-One CLI Tool Sooty – SOC Analyst All-In-One CLI Tool
Sooty is a tool developed with the task of aiding a SOC analyst to automate parts of their workflow and speed up their process.


5 Responses to Twitter Purchases WhisperCore – Full Disk Encryption For Android Phones

  1. b_i_d November 29, 2011 at 5:35 pm #

    Maybe they want to broaden the spectrum of business. I can’t imagine anything having to do with the main product (Twitter) too. So maybe it’s not about the main product at all and they just want to grow into other markets?

  2. Fortunate November 29, 2011 at 7:31 pm #

    Maybe it has something to do with how Twitter was used during some of the recent riots and how they were being asked to close/block certain accounts?

  3. droope November 29, 2011 at 8:15 pm #

    yeap, maybe they want to make twitter a secure medium of communication for rioters and other “wrong” doers. Imho that’d be great.

  4. sabrina November 30, 2011 at 8:44 am #

    I had never heard of WhisperCore before. It also makes me wonder why they’re focusing on security, specifically to this level. But it will be interesting to see how this develops. Thanks for sharing.

  5. Frood November 30, 2011 at 3:20 pm #

    Could be looking to create segregated internal secure twitter-spheres to sell to corporates?