Twitter has bought a company called Whisper Systems, who make a secure version of the Android operating system as well as suites of privacy tools that are intended to protect demonstrators, especially participants in the Arab Spring. Many speculate that the acquisition was driven by the desire to hire CTO Moxie Marlinspike, a somewhat legendary cryptographer.
At first blush, the move is a bit baffling. Twitter, the quintessential consumer internet service, would seem to have little need for a company that has revamped Android security from the ground up for business use. But the micro-blogging site may simply be acquiring Whisper Systems for its talent — including Marlinspike, who serves as the startup’s chief technology officer, and roboticist Stuart Anderson — and the two companies do have a certain affinity. Both pride themselves on the support they’ve provided to protesters in the Middle East.
Security and privacy guru Chris Soghoian believes Twitter may have brought Moxie Marlinspike into the fold because the micro-blogging site has developed a reputation for not having the best security. Marlinspike is an expert in SSL (secure sockets layer) encryption, and Twitter — which has yet to turn on SSL by default for all users — could use his skills to lock down its services and make life harder for phishers.
I've been worried lately about the crumbling infrastructure of the SSL system, and what it means for our ability to communicate in private, to conduct banking and ecommerce, and to have any assurance of identity online. I've been asking all the security/crypto supernerds I know about this for a few months, and to a one, they've mentioned Marlinspike's Convergence and said, effectively, "I'm not sure if it'll solve this, but there's nothing else I have any hope for."
Twitter Buys Some Middle East Moxie (Thanks, Larry!)