Introducing Whisper

Introducing Whisper

Edwin Schmierer | Friday, Oct 1, 2021 |  Security

Imagine you have a new engineer joining your team and you need to provide passwords for access to critical systems. Or you need to send a sensitive file to a client. Or you need to share encryption keys with a team member. What do you do?

You might text a password or key (hopefully using Signal since it uses end-to-end encryption), but that won’t work for lengthy keys, files, or large docs. You might write it on a piece of paper or place it on a thumb drive, but both are limited by proximity, which frankly doesn’t work too well when remote work has become the norm. Or you might email it but that exposes several security risks. What if the recipient forwards it or is hacked or never deletes the message so it remains indefinitely in their inbox? How secure is email, really? If you’re using a popular free email service, the Terms of Service may give the provider limited permissions to access your data.

Whisper: A Secret-Sharing Utility

We encounter these issues at Rotational everyday, so we created a secret-sharing utility called Whisper. As a remote and global-first team by design, Whisper demonstrates our desire at Rotational Labs to build collaboration tools with security-first principles in mind. Users can securely share and control access to confidential information such as passwords, documents, config files, keys, and certificates across an organization. Senders can limit access attempts, set an expiration time (e.g. 5 minutes to 7 days), and/ or require a password to access the secret while recipients can destroy secrets once accessed.

Whisper leverages Google Secret Manager to provide a convenient interface for the kinds of secure information transfer use cases we routinely encounter. These use cases include onboarding new employees, sharing data with clients and vendors, and securing internal communications on engineering teams.

We’ve open-sourced Whisper, meaning you can check it out to ensure it satisfies your organization’s protocols, or even create your own implementation. Alternatively, Rotational offers low-cost hosting solutions.

Stay tuned for an upcoming post about the technical details under the hood. For now, please try Whisper and send feedback to info@rotational.io.


Photo by Kent Pilcher on Unsplash

About This Post

Shhh..there's a better way to share secrets. Introducing Whisper, our secret-sharing utility.

Written by:

Share this post:

Recent Rotations butterfly

View all

To LLM or Not to LLM (Part 2): Starting Simple

Sick of hearing about hyped up AI solutions that sound like hot air? 🧐 Let’s use boring old ML to detect hype in AI marketing text and see why starting with a simple ML approach is still your best bet 90% of the time.

Building an AI Text Detector - Lessons Learned

The LLMs boom has made differentiating text written by a person vs. generated by AI a highly desired technology. In this post, I’ll attempt to build an AI text detector from scratch!

May 15, 2024

To LLM or Not to LLM: Tips for Responsible Innovation

We’re seeing a proliferation of Large Language Models (LLMs) as companies seek to replicate OpenAI’s success. In this post, two AI engineers respond to LLM FAQs and offer tips for responsible innovation.

Enter Your Email To Subscribe