Anonymous messages posted on Whisper, the secret-sharing application, might not be so anonymous after all, according to a report from the Guardian published on Thursday. Whisper has strongly denied many of the Guardian’s claims.
Whisper lets users post anonymous messages, often secret or gossipy in nature, publicly to the application. Other people can view and comment on the posts, and sometimes whispers posted on the application are used by news organizations, including the Guardian, in articles.
What The Guardian Found
According to the newspaper, Whisper monitors the location of some of its users, even those people who have decided to opt-out of the location sharing, and can track and pinpoint specific users with location turned on to within a 500-meter radius. The company is also reportedly sharing information posted from military bases with the U.S. Department of Defense, and monitoring “potentially newsworthy” users like military personnel and people who say they work at companies like Yahoo.
For people who turn off geo-location information, Whisper can use the poster’s IP location to discern approximate location data like a particular city, state, or country. Whisper does not have any access to any personal information like name or address, rather a unique user identification code is assigned to each user the first time they download and sign up for the application.
From A Whisper To A Scream
Neetzan Zimmerman, editor-in-chief at Whisper, said the Guardian story was a “pack of vicious lies” and that the news organization “made a mistake posting that story and they will regret it.” Zimmerman also said that the data Whisper provided to the Department of Defense was only from users who had opted-in to share their location.
The company says there is nothing in the geolocation data that can put the anonymity of users in jeopardy, and that it does not follow or track users. The company published a complete response to the Guardian’s questions, along with links to other stories that describe some of the company’s policies.
In January, Forbes reported that Whisper does track users in order to ban harassers or bullies on the site, and that the app has enough information on users for law enforcement to be able to figure out who posts what on the app. Whisper CEO Michael Heyward is fine with that, Forbes notes.
The key thing here is it’s not so much about being anonymous to us. What users care about is they’re anonymous to the community.
Whisper CTO Chad DePue was also quick to discount the Guardian story. He wrote on Hacker News that the company doesn’t collect personal information on users, although it does monitor some location information:
We want to know where a user is in a general sense for things like tracking timezone so when we send pushes we know not to send pushes at 3 in the morning. you’d be surprised how often device timezone may not always match with physical location.
We use general location to determine things users may be interested in. folks who post in lower manhattan may see different results than people in College Station, TX, over time.
We have a lot of anti-spam technology, and what IP you posted from, and what country that IP is in, is important. I can’t elaborate on this but it’s incredibly logical why we would use that information for things like keeping the app from filling with spammy garbage.
We throw away the IP you used to create the whisper after a brief period of time.
His response was met with heavy criticism. Security researcher Moxie Marlinspike said that, based on DePue’s response, he would assume that the Guardian’s reporting was “entirely accurate” despite DePue’s claim to the contrary.
A Third-Party Assessment
Security researcher and iOS forensics expert Jonathan Zdziarski conducted an independent investigation into the Guardian’s claims. He found that although people don’t provide their name or other personal information to Whisper, the unique identifier and the location data combined could potentially put someone’s identity at risk.
The Whisper app does not appear to be a social networking application with analytics; it appears to be an analytics and user acquisition application that also happens to have a social networking component.
Zdziarski also found that while it would be simple for Whisper to “fuzz” or “salt” the precise location information before sending it to their server, the company does not. Instead, DePue told Zdziarski in a tweet, the company is filtering the location data on the server side.
“It would make much more sense for privacy’s sake to simply fix this in future versions of the app,” Zdziarski wrote.
Just Don’t Trust Anonymous Apps
In the wake of the Edward Snowden revelations and other concerns about privacy and anonymity stemming from controversial polices from companies like Facebook, anonymous applications are on the rise.
Whisper and other apps like Secret and YikYak, supposedly provide users with a safe and secure place to talk about feelings on the Internet. Even Facebook is reportedly building an app that encourages you to spill your guts anonymously.
Users who just read and don’t contribute to these online spaces can enjoy a bit of Schadenfreude at others’ expense. But some users also post “secrets” on these anonymous networks that can do some serious damage.
Anonymous apps are still a small and growing space. As the Guardian article—along with stories like this Wired piece exposing a hack that could identify Secret users—illustrate, it might not be smart to trust these mobile applications with our deepest darkest secrets.
Anonymous applications are an important part of the Web. But they still have a lot of growing up to do. Until applications let users stay anonymous and safe from both the community and the companies that build them, there will always be a risk in sharing your secrets.
Of course, isn’t the whole point of secrets to keep them to yourself?
Lead image by Brian Smithson