Introducing Whisper

Introducing Whisper

Edwin Schmierer | Friday, Oct 1, 2021 |  Security

Imagine you have a new engineer joining your team and you need to provide passwords for access to critical systems. Or you need to send a sensitive file to a client. Or you need to share encryption keys with a team member. What do you do?

You might text a password or key (hopefully using Signal since it uses end-to-end encryption), but that won’t work for lengthy keys, files, or large docs. You might write it on a piece of paper or place it on a thumb drive, but both are limited by proximity, which frankly doesn’t work too well when remote work has become the norm. Or you might email it but that exposes several security risks. What if the recipient forwards it or is hacked or never deletes the message so it remains indefinitely in their inbox? How secure is email, really? If you’re using a popular free email service, the Terms of Service may give the provider limited permissions to access your data.

Whisper: A Secret-Sharing Utility

We encounter these issues at Rotational everyday, so we created a secret-sharing utility called Whisper. As a remote and global-first team by design, Whisper demonstrates our desire at Rotational Labs to build collaboration tools with security-first principles in mind. Users can securely share and control access to confidential information such as passwords, documents, config files, keys, and certificates across an organization. Senders can limit access attempts, set an expiration time (e.g. 5 minutes to 7 days), and/ or require a password to access the secret while recipients can destroy secrets once accessed.

Whisper leverages Google Secret Manager to provide a convenient interface for the kinds of secure information transfer use cases we routinely encounter. These use cases include onboarding new employees, sharing data with clients and vendors, and securing internal communications on engineering teams.

We’ve open-sourced Whisper, meaning you can check it out to ensure it satisfies your organization’s protocols, or even create your own implementation. Alternatively, Rotational offers low-cost hosting solutions.

Stay tuned for an upcoming post about the technical details under the hood. For now, please try Whisper and send feedback to info@rotational.io.

Photo by Kent Pilcher on Unsplash

About This Post

Shhh..there's a better way to share secrets. Introducing Whisper, our secret-sharing utility.

Written by:

Edwin Schmierer

Share this post:

Recent Rotations butterfly

View all

5 Javascript Libraries to Use for Machine Learning

Over the years, several JavaScript libraries have been created for machine learning. Let’s sort through the ones that can help you get started quickly, even if you don’t have much experience with machine learning or data …

Danielle Maxwell
Mar 11, 2024

Predicting the Oscars With LLMs

Looking for a middle ground between custom LLMs and traditional ML? Please welcome semantic search to the stage! Let’s use semantic search to predict which film will take home the “Best Picture” Oscar this year 🤩

Patrick Deziel
Mar 8, 2024

How to Manage Overwhelm

Each morning, I make the mistake of checking social media before getting out of bed. As I catch up on what’s happening in the world, I often find myself thinking “This too much” all before 8 AM.

Danielle Maxwell
Feb 13, 2024
Enter Your Email To Subscribe