Overview

>> Download the product presentation <<

Shadow is a secure messaging solution. In its essence it is a re-engineered version of the famous open-source messenger Signal which may be considered the world leader of secure messaging. In contrast to Signal, which is a mass market messaging service implying that all mobile clients are served by the same centralized server(s), Shadow is primarily targeted at B2B, being a corporate messaging solution whereby each customer (a corporation or, more generally, a “team”) deploys and manages its own system server.

Shadow meets the following three vital requirements of a secure messaging solution:

  • it provides for end-to-end encryption of all messages, attachments, avatars, voice, and video conversations;
  • it implies that the system server is under administration of the customer itself;
  • it is fully open source (both client and server parts).

This, coupled with robustness and simplicity inherited from Signal, makes Shadow outstanding among the plentitude of secure messaging solutions. (For example, Signal itself fails to meet at least the second requirement).

End-to-end encryption makes it impossible for malicious parties to decrypt traffic intercepted along the way.

Running your own system server solves the problem of customer-provider trust: you no more need to trust the provider of the service, since you run the service yourself.

The fully open source code solves the problem of customer-developer trust and ensures that possible bugs and vulnerabilities are open to scrutiny of the wide community of information security and software development professionals around the world.

At present, Shadow client is implemented for Android (6.0 and above) operating system only. Desktop and iOS versions may be introduced in future.

Some features of the Shadow system are:

  • client configuration provisioning from the server (no reliance on parameters or certificates hardcoded in the binaries);
  • no reliance on telephone (E.164) numbers; accounts have alphanumerical usernames not associated with any URI scheme;
  • manual account provisioning (instead of insecure verification via SMS or voice call);
  • private cloud as part of the system architecture (no reliance on 3rd party clouds such as Amazon or Google);
  • centralized contact book management instead of reliance on the phone contact book.

Several exciting features attractive for business customers are currently on the product roadmap.