You can trust Peerio. That's a fact.
It's been an exciting few months for Peerio as we approach our second anniversary this summer. We are preparing to launch mobile clients for Android and iOS, professional plans for our heavy users, and we have a slew of features in the pipeline to improve overall user experience.
As our team continues to grow, we've been accelerating development of a collaborative end-to-end encryption tool to ensure that everyone has access to a simple and secure platform to share private messages and files in the cloud. This has been our mission since Day 1 and it is a source of pride for the entire Peerio team who believe strongly in that mission.
While Peerio clients and most observers understand this mission, there remains some skepticism. Since we pride ourselves on quality control and transparency, we'd like to use this space to address some of those concerns, and a few misinformed theories that have been floated on social media.
Is there a "backdoor"?
No.
Critics who argue that Peerio planned to sell backdoored cryptography to enterprise -- that is to say an intentional bypass in the cryptographic design to decrypt users' communication without their knowledge -- are being purposefully deceitful. Any talk of a backdoor was quickly dismissed as being contrary to the company's values. Independent auditor Cure53 demonstrated that rather clearly in their most recent audit, which was made public last week. What is being considered, as we will elaborate on here, is not creating a backdoor but an optional multi-party authentication system that could actually enhance security and usability for many users.
The highly-trusted Cure53, responsible for auditing platforms like SecureDrop, wrote that Peerio gave "an overall strong and secure impression...With the exception of some smaller glitches Peerio presents itself as prepared to handle and deter a large and diverse array of possible attacks." The audit correctly pointed to issues in development code that was never released to the public and were fixed in advance of the mobile launch. The purpose of such audits is to catch vulnerabilities and ensure fixes to any problems are issued before users have access to the platform. We're proud to have worked with an expert team as thorough as Cure53 to assure our upcoming mobile clients' security.
Concerns that a backdoor would be written into Peerio code is baseless. All versions of Peerio that have been released are secure, as verified by Cure53. In order to ensure the sustainability of Peerio, and subsidize development of the free application for all users, versions of the platform are designed for enterprise clients with specific needs. One client, for instance, may require access to a colleague's Peerio communications in the event of an on-the-job incident, death or other urgent circumstances; another may be subjected to compliance regulations by professional orders that would compel the client to disclose those communications. In either case, Peerio would not have access to the data, but will work with a client to develop a threat model and advise on secure alternative means for account and data recovery.
Many users -- individuals or enterprise -- would find an option for multi-party authentication via trusted contacts useful, whether to respect compliance in certain industries, to retrieve lost passphrases, or even, in some cases, to ensure the well-being of users in high-risk environments.
One real-life example: In discussions with an NGO journalism organization, team members expressed to Peerio a grave concern. If a journalist were kidnapped or went missing, there would need to be a way to access their colleague's account to gather information on their location, among other important details, to relay to the proper authorities. Individual users are free to simply share their Peerio passphrases with others if they wish; similarly, a company can independently create accounts for their users and store passphrases in a database. However, these options create a centralized point of risk.
Rather than entrust a single colleague or database with users' secret keys, Peerio has been seriously considering multi-party authentication. What if a user could designate three or more parties as "trusted contacts" who could collaborate to gain access to the account in emergency scenarios? In the case of the aforementioned NGO, multi-party authentication is more than a philosophical debate between tech bloggers, it is life and death.
Unfair criticism
A series of tweets from a disgruntled former Peerio team member attempted to discredit the work of his former friends and colleagues. In addition to false claims by Nadim Kobeissi about Peerio developing a "backdoor," his criticism has ranged from unfair to downright bizarre. Some of the more serious allegations merit clarification:
Peerio's "CEO repeatedly pressured...to come up with ways to sell backdoored crypto to private clients."
This statement is not only inaccurate and unprovable, but completely in contradiction with the type of work Peerio has been carrying out. Such a strategy would undermine the company's credibility. Again, "backdoored crypto" was never a scenario considered by any team member.
"Peerio's open-source E2E crypto client's a front, owned by oil equity firms, main plan is to sell backdoored crypto to enterprise."
False. No equity, debt or any other Peerio asset is owned by oil equity firms.
Peerio "attempted blackmail to gain exclusive rights over miniLock, by withholding shares."
As per the contract signed by the former employee, miniLock (the file encryption protocol that Peerio is based on) remains Kobeissi's property but "can be used by the Company where relevant." As per the release agreement:
"Mr. Kobeissi hereby grants to Peerio...a non-exclusive, perpetual, irrevocable, worldwide, assignable, royalty-free, full paid-up license to use and fully commercially exploit the software in connection with its business.”
Of course, there was no "blackmail" and no such evidence has been produced. Weeks of delays were caused by Kobeissi as he sought a legal opinion and ultimately declined to sign the agreement. Despite his lack of cooperation, Kobeissi's shares were mailed within days of his decision. We received confirmation Kobeissi had received the shares on August 27, 2015, and the matter is now settled.
Peerio "attempted to prevent me from disclosing and by threatening to sue, asked me to sign contract that I'd never tweet about Peerio."
Non-disclosure agreements are exceedingly common and no "threat" was ever made. In Peerio's view the Kobeissi matter has concluded, though the company reserves the right to defend itself in court against unquestionably false and defamatory statements about the technology or employees.
It's unfortunate that the Peerio team had to be momentarily distracted by what amounted to an irrational and aggressive attack from a former team member who was consistently at odds with colleagues and exhibited a destructive attitude toward the company. The team remains unwavering in its commitment to working toward the goal of providing simple and secure communications for all.
If you have any questions or concerns, feel free to write the Peerio team: [email protected]








