FAQs

Semafore is a messaging tool that is designed for organisations, not private individuals. As such the visibility of whether a message is reported as seen or not is set by the organisation.

Note that this is the issuing of read receipts, regardless of organisation. If User A1 is in Organisation A and A has determined that user A1 will not issue read receipts, User B2 in Organisation B that does permit read receipts to be issued, will not be able to tell if User A1 has read or not read B2's' message. Meanwhile if A1 sends a message to B2, A1 will be able to tell if B2 has read it.

When Semafore is first opened, or opened after a period of being in the background, it connects to our server and conducts a 'cryptographic-handshake' to report that it is now online and able to receive / send messages. This opening up of a crypto tunnel takes a little while - cryptography (encryption) is mathematically challenging and hence the 'delay' whilst it completes.

1. end-to-end encryption
2. cannot be read on our servers
3. due to the advanced cryptography used we need to ensure no bad actors - hence only sold to organisations that have a footprint (ie listed in a government published corporate register)
4. all code libraries are either developed by ourselves or sit under our control - no ability for a bad actor to conduct a supply chain attack and introduce malicious code into an inherited library

At initial install, a non-registered user can only communicate with two others. This limits the use of Semafore by bad actors until Attomus has verified the buying entity.
Also See 'Why don't you sell via the AppStore or Google Play

The security architecture and encryption that Semafore uses means that we are not permitted to allow non-approved entities to make use of our technology.

As a result, we can only offer Semafore to organisations that can be publicly verified as part of the buying process - they must exist on a corporate register, and key details will be independently verified before a full licence can be issued.

For government agencies, please contact 'semafore' 'at' 'attomus.com' or raise a ticket at attomus.com

Yes

For monthly spend in excess of £1,000 / $1,000 - of course. Please email 'billing' 'at' 'attomus.com'

The dashboard allows an organisation to look across their user population and provides security monitoring, key metrics and security tools to help the CISO understand their security posture within Semafore.

From the Dashboard you can see how many messages are being sent from which devices (obviously you can't read them or tell who they are being sent to), remote delete the application from a user's device if it's been compromised or stolen, and manage your users and whether users may invite others.

This is managed within the Dashboard

Attomus is an independent cybersecurity and advanced technology company that provides tools and services to the UK government, NATO and other agencies.
A bunch of nerds who love tech and have lived our entire lives in the cyber and advanced security space, we wanted to use our skills and knowledge to build a product that could be used by a wider audience than the very exclusive rarefied clients that we normally work with.