
All Posts (55)

  • New IceWarp Version Reinvents Messaging Software Market by Offering Online Meetings, Document Management and Dropbox Integration in One Package

    -- IceWarp Messaging Server 11 also includes enhanced VoIP, Mobile Synchronization and Instant Messaging functionality -- 

    Springfield, VA - February XX, 2014 - IceWarp has released the newest version of its award-winning messaging server that reinvents the messaging software market by offering Online Meetings, Document Management and Dropbox Integration in one package. IceWarp 11, announced today by the global provider of messaging solutions, also features enhanced email, VoIP, Mobile Synchronization and IM functionalities managed from a revamped user-friendly WebClient.

    "IceWarp has once again redefined the messaging market by replacing several applications with one integrated product," said Ladislav Goc, President of IceWarp. "The new server contains most popular features found in MS SharePoint and Exchange, and offers a wide range of additional productivity-boosting functionalities. Also, our goal was to create a product with zero learning curve - and we invested a lot of development into achieving just that."

    The new IceWarp features include:

    1. New user-friendly, intuitive WebClient Interface that puts messaging, document management and unified communications features on one console that can be easily mastered by users with very basic IT skills. Customers can switch between desktop, tablet and mobile versions.

    2. Online meetings - Conference Calls, Chat and Screen Sharing. IceWarp users can now schedule online conference calls and invite attendees. Once on a meeting, users can share their screen, record video and audio, pass remote control of their keyboard and mouse to others on the call, and much more. 

    3. Document Management. Users can now store and team edit all documents within IceWarp. Previous versions of a document are now stored and teams can easily revert to an older version if needed. Text, HTML, Microsoft Word, PowerPoint, and Excel documents can be instantly created, edited and stored within IceWarp with no need to download to a computer. 

    4. Dropbox integration. Users can upload files from the popular Dropbox service by clicking the Dropbox icon in IceWarp's redesigned WebClient. 

    5. Better-Integrated WebIM. The new IM panel puts icons for WebIM, WebPhone and Meeting features within reach from the toolbar and indicates the online status or ongoing activity at a glance. Presence statuses can be restricted to a predefined list for simplicity. Multiple conversations are grouped to tabs, just like in desktop applications. 

    6. New BYOD capabilities. IceWarp users can now customize how their mobile devices are synced like never before. The Mobile Devices dialog lists all connected Exchange ActiveSync clients along with the manufacturer's device name. Users can control which folders they want to have available, and the date range of emails and calendars to synchronize. They can manage Tasks and Notes simulation, or erase data from the device by Remote Wipe.

    7. iOS 7 Notes synchronization. Starting with iOS 7, iPhone and iPad users now have Notes automatically synchronized between their device, Microsoft Outlook and WebClient. Previously there had been several workarounds for keeping professional notes synchronized between iOS 6, Outlook and WebClient. All of them have had various shortfalls. With new IceWarp Server, users will be able to keep their notes synced up with no external application needed. 

    8. Popular "Tasks & Notes" App for Android. This option has for a long time solved Android's lack of official support for Tasks and Notes on their devices, and is now made available for IceWarp users as well. It keeps the WebClient or Outlook in sync with your mobile device and allows remote management of Notes, Tasks and checklists. The application supports sorting & search, multiple views and themes, alarms, notifications, recurrences, tags and much more.  

    9. Outlook 2013 Support. There is now a new way to use Outlook Sync instantly without installing any plugin, simply by configuring it for an Exchange ActiveSync service, much like with a smartphone.

     

    10. Secure Messaging. Full S/MIME support allows for email encryption and signing with personal certificates. Users are only required to install the private certificate on their devices. The public certificate of the recipient is automatically retrieved from GAL. This feature works best on iOS, but is also supported by selected client apps (NitroDesk for Android, NotifySync for BlackBerry). 

    11. New Linux Versions. The Linux version of IceWarp is being released for the first time as a 64-bit application. IceWarp for Debian 6 is officially out of beta and IceWarp for Debian 7 is being released for the first time. There are also new builds for Ubuntu 10.04 LTS (Long Term Support) and 12.04 LTS, increasing the supported number of Linux systems to 11, with 32-bit and 64-bit versions available for most distributions.

    IceWarp 11 also includes many noteworthy improvements to the server's Administration, Antispam and Antivirus. 

    "The new IceWarp server has become a one-stop solution for all business collaboration needs," explained Mr. Goc. "This approach helps organization take full control over their messaging infrastructure, making it low-maintenance and financially predictable. Additionally, we have made significant improvements in the server administration console. IceWarp Server is often called 'systems administrator's paradise', and we want to make it even more easy and fulfilling to work with." 

    IceWarp has released a 6-minute video walkthrough of IceWarp 11 for current and new customers: (http://www.youtube.com/watch?v=NHiZI9TJMYQ).

     

    To download a free 30 day trial license of IceWarp 11, please visit http://www.icewarp.com/downloads/ 

    ABOUT ICEWARP

    IceWarp is a leading provider of comprehensive messaging solutions for every business class, size and niche.  Building upon a decade of enterprise e-mail platforms experience, IceWarp offers organizations an all-in-one highly secure solution that enables their mobile workforce to communicate through any platform, be it e-mail, mobile synchronization, chat, SMS, voice or video. The highly scalable system is used by organizations of all sizes, from SMBs to large corporations like Marriott International, Burger King and Toyota. IceWarp's solutions are available in over 40 countries through a comprehensive network of distributors.

    www.icewarp.com 

  • I am doing some research to compress data available as tables (rows and columns, or cubes) more efficiently. This is the reverse data science approach: instead of receiving compressed data and applying statistical techniques to extract insights, here we look at uncompressed data, extract all possible insights, and eliminate everything but the insights, to compress the data.

    In this process, I was wondering if one can design an algorithm that can compress any data set by at least one bit. Intuitively, the answer is clearly no, otherwise you could recursively compress any data set to 0 bits. Any algorithm will compress some data sets, and make some other data sets bigger after compression. Data that looks random, that has no pattern, cannot be compressed. I have seen contests offering an award if you find a compression algorithm that defeats this principle, but it would be a waste of time participating.

    But what if you design an algorithm that, when a data set cannot be compressed, leaves the data set unchanged? Would you be able, on average, to compress any data set then? Note that if you assemble numbers together to create a data set, the resulting data set would be mostly random. In fact, the vast majority of all data sets are almost random and not compressible. Data sets resulting from experiments are usually not random, but they represent a tiny minority of all potential data sets. In practice this tiny minority represents all data sets that data scientists are confronted with.

    It turns out that the answer is no. Even if you leave uncompressible data sets "as is" and compress those that can be compressed, on average, the compression factor (of any data compression algorithm) will be negative. The explanation is as follows: you need to add 1 bit to any data set: this extra bit tells you whether the data set is compressed using your algorithm, or left uncompressed. This extra bit makes the whole thing impossible. Interestingly, there have been official patents claiming that all data can be compressed. These are snake oil (according to the founder of the GZIP compressing tool); it is amazing that they were approved by the patent office.

    Anyway, here's the mathematical proof, in simple words.

    Theorem

    There is no algorithm that, on average, will successfully compress any data set, even if it leaves uncompressible data sets uncompressed.

    Proof

    Let y be a multivariate vector with integer values, representing the compressed data. Let's say that y can take on m different values. Let x be the original data, and for any x, y = f(x) represents the compressed data.

    How many solutions can we have to the equation f(y) ∈ S, where S is a set that has k distinct elements? Let us denote the number of solutions in question as n. In other words, how many different values can n take, if the uncompressed data can take on k potential values? Note that n depends on k and m. Now we need to prove that:

    [1] n * (1 + log2 m) + (k - n) * (1 + log2 k) ≥ k log2 k

    where: 

    • log2 m is the number of bits required to store the compressed data
    • log2 k is the number of bits required to store the uncompressed data 
    • the number 1 corresponds to the extra bit necessary to tell whether we store the data in compressed or uncompressed format
    • k log2 k represents the number of bits required to store ALL data sets of size k, as is, without using any compression whatsoever
    • n * (1 + log2 m) + (k - n) * (1 + log2 k) represents the number of bits required to store ALL data sets, compressing data sets if and only if efficient, leaving them uncompressed when compression is inefficient
    • n is the number of data sets (out of k) that can be compressed efficiently
    • log2 is the logarithm, in base 2

    The proof consists in showing that the left-hand side of equation [1] is always larger than the right-hand side (k log2 k).

    In practice, m < k, otherwise the result is obvious and meaningless (if m > k, it means that your compression algorithm ALWAYS increases the size of the initial data set, regardless of the data set). As a result, we have

    [2] n ≤ m, and n ≤ k

    Equation [1] can be written as n * log2 (m / k) + k ≥ 0. And since m < k, we have

    [3] n ≤ k / log2 (k / m).

    Equation [3] is always verified when m < k and [2] is satisfied. Indeed k / log2 (k / m) is always minimum (for a given k) when m = 1, and since n ≤ k / log2 k, the theorem is proved.
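
    The counting behind [1], carried through on a concrete scheme (an added example, not part of the original post). It assumes k = 2^L data sets and a codebook of m = 2^c of them that receive a short code, so n = m; the codebook contents and all function names are choices made for this illustration. It also searches every n ≤ m < k up to a bound for the smallest gap between the two sides of [1].

```javascript
// Added illustration; makeCodec, totalStoredBits, smallestSlack and the codebook
// contents are hypothetical names and choices, not taken from the original post.

// Left-hand side of [1]: n data sets stored compressed, k - n stored raw,
// each carrying the 1-bit "compressed or not" flag.
function lhsOfEq1(n, m, k) {
  return n * (1 + Math.log2(m)) + (k - n) * (1 + Math.log2(k));
}

// Fixed-width binary string; width 0 yields the empty string.
function toBits(value, width) {
  return width === 0 ? "" : value.toString(2).padStart(width, "0");
}

// Data sets are the k = 2^L integers 0..k-1. The codebook lists the m = 2^c
// data sets that get a short c-bit code; every other data set is stored as is.
function makeCodec(L, codebook) {
  const c = Math.log2(codebook.length);
  const position = new Map(codebook.map((x, j) => [x, j]));
  return {
    encode: (x) =>
      position.has(x) ? "1" + toBits(position.get(x), c) : "0" + toBits(x, L),
    decode: (bits) => {
      const body = bits.length > 1 ? parseInt(bits.slice(1), 2) : 0;
      return bits[0] === "1" ? codebook[body] : body;
    },
  };
}

// Store every one of the k data sets once and add up the bits actually used.
function totalStoredBits(L, c) {
  const k = 2 ** L;
  const m = 2 ** c;
  // Constructed codebook: m distinct data sets, evenly spaced over 0..k-1.
  const codebook = Array.from({ length: m }, (_, j) => j * (k / m));
  const codec = makeCodec(L, codebook);
  let total = 0;
  for (let x = 0; x < k; x++) {
    const stored = codec.encode(x);
    if (codec.decode(stored) !== x) throw new Error("round trip failed for " + x);
    total += stored.length;
  }
  return { total, raw: k * L, predicted: lhsOfEq1(m, m, k) };
}

// Exhaustive check of [1] under [2]: smallest value of (left side - right side)
// over all n <= m < k with k <= kMax, and where it occurs.
function smallestSlack(kMax) {
  let worst = { slack: Infinity };
  for (let k = 2; k <= kMax; k++) {
    for (let m = 1; m < k; m++) {
      for (let n = 0; n <= m; n++) {
        const slack = lhsOfEq1(n, m, k) - k * Math.log2(k);
        if (slack < worst.slack) worst = { slack, n, m, k };
      }
    }
  }
  return worst;
}

console.log(totalStoredBits(8, 4)); // flagged codebook scheme vs. raw storage
console.log(smallestSlack(64));     // tightest case of inequality [1]
```

    The measured total equals the left side of [1] with n = m, and the gap to k log2 k never closes: the flag bit costs more than the codebook saves.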

  • The proliferation of smart devices and mobile apps is expected to give rise to a more sophisticated and interactive customer service experience over the next four years. Analysts are predicting that more than half of inbound customer service calls in key countries will be made from a mobile device by 2016, and 30 percent of these from smartphones. But is the enterprise ready for mobile customer care?
  • A common role for IT is that of watch guard for users, endlessly trying to educate and train on best practices for security, privacy and regulatory compliance. Making that IT role all the more challenging is bring your own device and social networking trends; both have increasingly opened the door to users’ potential for widespread sharing of personal and company information. Is it possible that some of the training and education is becoming so mainstream that it is being echoed outside the business realm? According to a recent Pew Internet & American Life Project report published this month, parents are acutely aware that teenagers have an online presence and 81 percent are concerned about it. Over half the parents polled were very concerned about how their teen interacts online with people they don’t know.
  • Preparing for a Failure Event

    For businesses to recover from failure events, such as a site level disaster or a local server failure, a high availability/disaster recovery (HA/DR) solution for the messaging infrastructure is a must have requirement. The following offers key recommendations for choosing an HA/DR solution for the messaging infrastructure:
  • Proposal for bulk email processing

    Bulk email represents one of the largest portions of legitimate emailing (spam is not included in this category). Sending bulk email requires a lot of bandwidth, and technical expertise to obtain high delivery rates. Newsletters that you subscribe to are typically sent via newsletter management companies, such as Vertical Response, MailChimp, Constant Contact or iContact. It is also expensive, with $10,000 per year to manage a 100,000 mailing list (including mailing, unsubscribes, reporting, A/B testing, resolving issues with ISPs and blacklisting services such as Spamhaus, and so on).

    What if Gmail, Yahoo mail and Hotmail (they account for more than 60% of email addresses targeted by bulk email) offered the following services to make bulk emailing less bandwidth-consuming and easier to monitor? Any time you send a newsletter to more than (say) 50,000 Gmail recipients, here is how it works:

    1. You upload (automatically, via an API) your list of Gmail addresses to a specified Google server
    2. You email your message to a single gmail address (managed by Google for this purpose) 
    3. Google then distributes your single message to all 50,000 Gmail recipients that are in your list.

    This achieves the following goal: Gmail actually distributes the message (not you), using Google servers that are close to their Gmail servers. There is also one fewer node between the sender (the mailing list management company) and the recipient, thus saving considerable bandwidth. In short, it benefits both the sender, Gmail and the recipient (the latter one benefits thanks to better monitoring capability by Gmail, to block a message when deemed spammy).

    There is a problem: what if you send a customized email to 50,000 recipients? For instance, the message starts with "Hi [Your Name]". The workaround is simple: Gmail could accept a few macros in your message, such as [Your Name], and deliver the customized version to all 50,000. All that is needed is a very rudimentary macro language. And of course, the mailing list uploaded on Google servers must contain the email address but also the first name, for this type of customized message.

  • The Encryption Disconnect

    Most content is not sent or stored with any sort of encryption. For example, attachments sent through email, files sent using many file transfer solutions, form data sent over the Internet, content stored in repositories like file servers, desktop computers, laptop computers, tablets, smartphones, removable storage devices like USB sticks, etc., are not sent or stored with encryption. The result is that a wide range of sensitive or confidential data is left vulnerable to interception by unauthorized parties, sometimes with very damaging results.
  • There is no doubt that every organization needs to implement technology-based solutions to protect itself from phishing, spearphishing, whaling and related types of threats. These attacks can create enormous problems for an organization, including loss of intellectual property, the draining of financial accounts and other damaging effects. However, while technology-based solutions are a must, the users in your organization should be the initial line of defense against phishing and related attacks. As a result, every user should receive the appropriate level of security awareness training to ensure that they are sensitized to the subtleties of phishing, spearphishing and related types of attacks.
  • Monitoring the Performance of the Cloud

    One of the advantages that the cloud offers to IT is the ability to offload some of its work to a third party provider. By migrating the responsibility for managing server deployments, software installation, patch management and other more mundane tasks to a cloud provider, IT can focus on higher value added tasks that can create competitive or other advantages. However, while IT can offload some of its tasks to specialist third party providers by migrating to the cloud, it cannot offload the blame when cloud-based systems go down. When cloud-based email goes down, for example, the first to be notified by users will undoubtedly be the IT department, not the cloud provider.
  • I have been banging the email archiving drum for many years, urging organizations of all sizes and across all industries to archive their email. Just as individuals archive their tax and other important records, business records should be archived for as long as necessary. However, many organizations are still resistant to archiving for reasons that range from a perception of excessive TCO for archiving technology to a desire not to retain “smoking guns” that might portray a company in a negative light during a legal action.
  • This is potentially one of the worst nightmares for security experts. This type of fraud has been observed in the context of click fraud, but the payload potential is far bigger if it ever gets implemented to steal bank account login/password.

    About the scheme:

    An infected user - his computer has been infected by a virus, and (say) Firefox is now corrupt on his computer - tries to log on to his bank account. He types the correct domain name (say www.key.com) in the URL box in Firefox, and the real key.com webpage in question shows up. But when the key.com page shows up in the browser, everything is legit except the key.com login box that was substituted, on the fly, by a script on your hijacked computer, planted by a Botnet client who wants to access your bank account to make wire transfers to his account.

    Once you enter your login/password in the box, your info gets transferred to the criminals. If the criminals are smart enough, you won't notice anything: after entering your credentials, maybe you get served a genuine key.com error page, but it's too late: criminals got your login/password and are now wiring all your money to external bank accounts.

    A potential strategy, for criminals to make this system more effective, is to have the Botnet operator send millions of email messages to users known to be infected by its Botnet. The Botnet operator just has to send a message (that will look very legitimate), providing the real URL for you to sign in to your real key.com account, knowing that your browser is infected.

    While I haven't seen any scheme like this so far (involving hijacking your bank account via browser sign-on Trojan through browser infection), I've seen the exact same scheme used in the context of click fraud, deployed by a company known as MediaForce.com, still operating as of today, substituting genuine banner ads by fake ones - to promote their porn and Viagra ads from their clients.

  • As social media matures, marketers have been working to figure out how to harness the channel for financial gain and data gathering. Online marketers know that social media is a great way to engage customers and that it plays an important role in customer insight. An interesting January comment from research analysts at Gartner goes something like: “By 2017 the Chief Marketing Officer (CMO) will spend more on IT Than the Chief Information Officer.” Given that so much of today’s marketing takes place through online channels, this comment seems entirely believable as IT is increasingly called upon to help not only with things like implementations, systems management, uptime, and compliance, but also with data management, collection, and analysis.
  • The Element of Trust in Cloud Messaging

    The traditional model of deploying email, security, archiving, backup and related solutions using on-premise servers and software (or appliances) requires a certain amount of trust—trust in the technology offered by the hardware and software vendors, trust in the quality of the ways these technologies have been implemented, trust in the responsiveness of their support when things go wrong, trust in the patches and upgrades that are offered, and so forth.
  • Why You Must Manage Social Media

    Clearly, anyone in the financial services industry should get their social media act together in order to prevent charges of insider trading or doing anything that might run afoul of SEC, FINRA, FSA or other regulations. However, even if you’re not in the financial services industry, you should get your social media act together in order to prevent bad things from happening to your company.
  • Email is conceptually simple, but its implementation in many large organizations is anything but. Email systems serve as the communication backbone for most organizations, but also as their primary file-transport system, their primary source of archivable content, and an enormous source of content about how their business operates (something that a Big Data approach to email will use increasingly to provide decision makers with valuable content for intelligence about their companies). It’s also important to note that while many think of email as a primarily person-to-person communications tool, quite often the primary senders of email are applications, not people. Take a look at the most recent 100 emails in your inbox, for example, and you’ll probably find that a large percentage of them, if not the majority, were sent to you by an Email-Generating Application (EGA).
  • Here's a new idea for Google to make money and cover the costs of processing / filtering billions of messages per day.

    This is a solution to eliminate spam as well, without too many false positives as currently.

    Solution: Google to create its own newsletter management system!

    Or at least, Google works with major providers (Vertical Response, Constant Contact, iContact, Mail Chimp etc.) to allow their clients (the companies sending billions of messages each day, such as LinkedIn) to pay a fee based on volume. The fee would help the sender to not end up in Gmail spam box, as long as it complies with Google policies. Even better: let Google offer this newsletter management service directly to clients who want to reach Gmail more effectively, under Google's controls and conditions.

    I believe Google is now in position to offer this service, as more than 50% of new personal email accounts currently created are Gmail, and they last much longer than any corporate email accounts (you don't lose your Gmail account when you lose your job). Indeed, we would be one of the first clients to sign up with Gmail Contact (that's the name I have invented for the Google newsletter management service). Google could reasonably charge $100 per 20,000 messages sent to Gmail accounts: the potential revenue is huge.

    If Google would offer this service internally (rather than through a 3rd party such as Constant Contact), they would make more money and have more control, and the task of eliminating spam would be easier and less costly.

    Currently, since Google offers none of these services, we face the following issues:

    • A big component in Gmail anti-spam technology is collaborative filtering algorithms: your newsletter quickly ends up in the spam box, a few milliseconds after the delivery process has started, if too many users complain about it, do not open it, or don't click
    • Thus fraudsters can create tons of fake Gmail accounts to boost the "open" and "click" rates so that their spam goes through, leveraging collaborative filtering to their advantage
    • Fraudsters can also use tons of fake Gmail accounts to fraudulently and massively flag email received from real companies or competitors, as fraud.
    • Newsletters are delivered way too fast: 100,000 messages are typically delivered in 5 minutes by newsletter management companies. If Gmail was delivering these newsletters via their own system (say Gmail Contact), then it could deliver much more slowly, and thus do a much better job at controlling spam without creating tons of false positives.

    In the meanwhile, a solution for companies regularly sending newsletters to a large number of subscribers is to:

    1. Create a special segment for all Gmail accounts, and use that segment more sparingly. In our case, it turns out that our Gmail segment is the best one (among all our segments), in terms of low churn, open and click rate - if we do not use it too frequently, and reserve it for our best messages.
    2. Ask your newsletter management vendor to use a dedicated IP to send messages
    3. Every three months, remove all subscribers who never open or even those who never clicked (though you will lose good subscribers with email clients having images turned off)
    4. Create SPF records.
  • Guest blog by Vincent Granville, first posted here.

    Here's some simple JavaScript code to encode numbers, such as credit card numbers, passwords made up of digits, phone numbers, social security numbers, dates such as 20131014 etc.

    How does it work?

    1. Open our web app in a different browser tab
    2. Enter number to encode / decode in box, on the web page in question
    3. Select Encrypt / Decrypt
    4. Email the encoded number (it should start with e) to your contact
    5. Your contact uses the same form, enters the encoded number, selects Encrypt / Decrypt, and then the original number is immediately retrieved.

    This code is very simple; it is by no means strong encryption. It is indeed less sophisticated than uuencode. But uuencode is for geeks, while our app is easy for mainstream users. The encoded value is also a text string, easy to copy and paste in any email client. The encoded value has some randomness, in the sense that encoding the same value twice will result in two different encoded values. Finally, it is more secure than it seems at first glance, if you don't tell anyone (except over the phone) where the decoder can be found. I will create a version that accepts parameters, to make it even more secure.

    Here's the JavaScript / HTML code for those interested (this is the source code of the web page where our application is hosted). You could save it as an HTML document on your local machine, with file name (say) encode.html in a folder (say) C:\Webpages, and then open and run it from a browser on your local machine: the URL for this local webpage would be file:///C:/Webpages/encode.html if you use Chrome.

    <html>
    <script language="Javascript">
    <!--
    // Checkbox handler: encode when the box is ticked, decode when it is cleared.
    function encrypt2() {
      var form=document.forms[0]
      if (form.encrypt.checked) {
        form.cardnumber.value=crypt(form.cardnumber.value)
      } else {
        form.cardnumber.value=decrypt(form.cardnumber.value)
      }
    }
    // Encode a string of digits. The output starts with "e" (char code 101);
    // empty input, or input that already starts with "e", is returned unchanged.
    function crypt(string) {
      var len=string.length
      var intCarlu, newIntCarlu, rnd
      var carlu
      var newString="e"
      if ((len>0)&&(string.charCodeAt(0)!=101)) {
        for (var i=0; i<len; i++) {
          intCarlu=string.charCodeAt(i)
          rnd=Math.floor(Math.random()*7)   // random tens offset, 0..6
          newIntCarlu=30+10*rnd+intCarlu+i-48
          // Shift out of non-alphanumeric ranges; every shift is a multiple
          // of 10, so the last decimal digit still carries (digit + i).
          if (newIntCarlu<48) { newIntCarlu+=50 }
          if (newIntCarlu>=58 && newIntCarlu<=64) { newIntCarlu+=10 }
          if (newIntCarlu>=90 && newIntCarlu<=96) { newIntCarlu+=10 }
          carlu=String.fromCharCode(newIntCarlu)
          newString=newString.concat(carlu)
        }
        return newString
      } else {
        return string
      }
    }
    // Decode a string produced by crypt(); anything not starting with "e"
    // is returned unchanged.
    function decrypt(string) {
      var len=string.length
      var intCarlu
      var carlu
      var newString=""

      if (string.charCodeAt(0)==101) {
        for (var i=1; i<len; i++) {
          intCarlu=string.charCodeAt(i)
          // Position i in the encoded string is position i-1 in the original.
          carlu=String.fromCharCode(48+(intCarlu-i+1)%10)
          newString=newString.concat(carlu)
        }
        return newString
      } else {
        return string
      }
    }
    // -->
    </script>


    <form>
    Enter Number <input type=text name=cardnumber size=19><p>
    Encrypt / Decrypt <input type=checkbox name=encrypt onClick="encrypt2()">
    </form>
    </html>
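
    Because the scheme has no key, the random tens offset changes the token but not what can be read from it: a mail gateway or data-loss-prevention filter that knows the rule recovers the digits from any encoded value. The sketch below is an added example, not code from the original post; decodeToken() and encodeDigits() mirror the page's decrypt() and crypt(), while luhnValid(), findEncodedCardNumbers(), the token pattern and the sample message (built around the common test number 4111111111111111) are constructed for the illustration.

```javascript
// Added example, not the page's code. Sample values are constructed.

// Same rule as crypt() on the page, with the random source injectable so the
// effect of the random tens offset can be shown deterministically.
function encodeDigits(number, random = Math.random) {
  let out = "e";
  for (let i = 0; i < number.length; i++) {
    let code = 30 + 10 * Math.floor(random() * 7) + number.charCodeAt(i) + i - 48;
    if (code < 48) code += 50;
    if (code >= 58 && code <= 64) code += 10;
    if (code >= 90 && code <= 96) code += 10;
    out += String.fromCharCode(code);
  }
  return out;
}

// Same rule as decrypt() on the page: skip the leading "e"; the character at
// index j yields the digit (code - j + 1) mod 10. No secret is involved.
function decodeToken(token) {
  let digits = "";
  for (let j = 1; j < token.length; j++) {
    digits += String((token.charCodeAt(j) - j + 1) % 10);
  }
  return digits;
}

// Luhn checksum used by payment card numbers.
function luhnValid(digits) {
  let sum = 0;
  for (let i = 0; i < digits.length; i++) {
    let d = digits.charCodeAt(digits.length - 1 - i) - 48;
    if (i % 2 === 1) {
      d *= 2;
      if (d > 9) d -= 9;
    }
    sum += d;
  }
  return digits.length > 0 && sum % 10 === 0;
}

// Scan free text for tokens shaped like the encoder's output ("e" followed by
// 13 to 19 alphanumerics), decode each one, and keep those whose digits pass
// the Luhn check.
function findEncodedCardNumbers(text) {
  const hits = [];
  for (const match of text.matchAll(/\be[0-9A-Za-z]{13,19}\b/g)) {
    const digits = decodeToken(match[0]);
    if (luhnValid(digits)) hits.push({ token: match[0], digits });
  }
  return hits;
}

// Constructed sample: the same test number encoded with two different random
// offsets gives two different tokens, and the scan recovers both.
const sampleNumber = "4111111111111111";
const sampleMessage =
  "Card: " + encodeDigits(sampleNumber, () => 0) +
  " and again " + encodeDigits(sampleNumber, () => 0.99) +
  ". Order id e1234 ships Monday.";
console.log(findEncodedCardNumbers(sampleMessage));
```

    An ordinary word of the right length that starts with "e" passes the Luhn check about one time in ten, so hits from a scan like this are candidates for review, not confirmed card numbers.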

  • A new type of weapons-grade secure email

    Guest blog by Vincent Granville, first posted here.

    With email encryption being targeted by the government as if it was criminal activity (read the story about the Lavabit platform), this could be a great opportunity for mathematicians and data scientists: creating a startup that offers encrypted email that no government or entity could ever decrypt, offering safe solutions to corporations who don't want their secrets stolen by competitors, criminals or the government.

    Here's the kind of email platform that I have in mind:

    • It is offered as a web app, for text-only messages limited to 100 KB. You copy and paste your text on some web form hosted on some web server (referred to as A). You also create a password for retrieval, maybe using a different app that creates long, random, secure passwords. When you click on submit, the text is encrypted and made accessible on some other web server (referred to as B). A shortened URL is displayed on your screen: that's where you or the recipient can read the encrypted text.
    • You call (or fax) the recipient, possibly from and to a public phone, provide him with the shortened URL and password necessary to retrieve and decrypt the message. 
    • The recipient visits the shortened URL, enters your password, and can read the unencrypted message online (on server B). The encrypted text is deleted once the recipient has read it, or 48 hours after the encrypted message was created, whichever comes first.
    • The encryption algorithm (which adds semi-random text to your message prior to encryption, and also has an encrypted time stamp, and won't work if no semi-random text is added first), is such that (i) the message can never be decrypted after 48 hours (if the encrypted version is intercepted) as a self-destruction mechanism is embedded into the encrypted message and into the executable file itself, and (ii) if you encrypt twice the same message (even an empty message or one consisting of just one character), the two encrypted versions will be very different, of random length and at least 1 KB in size, to make reverse-engineering next to impossible. Maybe the executable file that does perform the encryption would change every 3-4 days for increased security and to make sure a previously encrypted message can no longer be decrypted (you would have the old version and new version simultaneously available on B for just 48 hours).
    • The executable file (on A) tests if it sits on the right IP address before doing any encryption, to prevent it from being run on (say) a government server. This feature is encrypted within the executable code. The same feature is incorporated into the executable file used to decrypt the message, on B.
    • A crime detection system is embedded in the encryption algorithm, to prevent criminals from using the system, by detecting and refusing to encrypt messages that seem suspicious (child pornography, terrorism, fraud, hate speech etc.)
    • The platform is monetized via paid advertising, by advertisers such as bitcoin and anti-virus software.
    • The URL associated with B can be anywhere, change all the time, or be based on the password provided by the user, and be located outside the US.
    • The URL associated with A must be more static. This is a weakness, as it can be taken down by the government. However, a workaround consists of using several specific keywords for this app, such as (say) ArmuredMail, so that if A is down, a new website based on the same keywords will emerge elsewhere, allowing for uninterrupted service (the user would have to do a Google search for ArmuredMail to find one website - a mirror of A - that works).
    • Finally, no unencrypted text is stored anywhere.
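The message format described in the list above (password-derived key, random padding, encrypted time stamp, 48-hour lifetime), as an added example that is not the author's code. It assumes PBKDF2 for key derivation and an HMAC-SHA256 counter-mode keystream with encrypt-then-MAC as a standard-library stand-in for an AEAD cipher such as AES-GCM; all function names are hypothetical, and the expiry is a clock check made by the decrypting code, as server B would run it.

```python
import hashlib, hmac, os, struct, time

TTL = 48 * 3600        # 48-hour lifetime from the post
MIN_PAD = 1024         # guarantees a ciphertext of at least 1 KB
MAX_MSG = 100 * 1024   # text-only messages limited to 100 KB

def _keys(password, salt):
    # One PBKDF2 call yields two independent keys: encryption and MAC.
    k = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 200_000, dklen=64)
    return k[:32], k[32:]

def _xor_stream(key, nonce, data):
    # HMAC-SHA256 in counter mode used as a keystream (assumed stand-in cipher).
    blocks = (hmac.new(key, nonce + struct.pack(">Q", i), "sha256").digest()
              for i in range((len(data) + 31) // 32))
    return bytes(a ^ b for a, b in zip(data, b"".join(blocks)))

def encrypt(message, password, now=None):
    if len(message) > MAX_MSG:
        raise ValueError("message exceeds 100 KB")
    now = time.time() if now is None else now
    salt, nonce = os.urandom(16), os.urandom(16)
    # Random-length padding: equal messages give different-sized ciphertexts.
    pad = os.urandom(MIN_PAD + int.from_bytes(os.urandom(2), "big") % 1024)
    # Plaintext layout: time stamp | message length | message | padding.
    plain = struct.pack(">QI", int(now), len(message)) + message + pad
    enc_key, mac_key = _keys(password, salt)
    blob = salt + nonce + _xor_stream(enc_key, nonce, plain)
    return blob + hmac.new(mac_key, blob, "sha256").digest()

def decrypt(blob, password, now=None):
    now = time.time() if now is None else now
    salt, nonce, body, tag = blob[:16], blob[16:32], blob[32:-32], blob[-32:]
    enc_key, mac_key = _keys(password, salt)
    # Verify the tag before touching the body: rejects bad passwords and edits.
    expected = hmac.new(mac_key, blob[:-32], "sha256").digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("wrong password or tampered message")
    plain = _xor_stream(enc_key, nonce, body)
    created, length = struct.unpack(">QI", plain[:12])
    # The time stamp is authenticated, so it cannot be reset by an interceptor;
    # the expiry itself is enforced here, by whoever runs the decryption code.
    if now - created > TTL:
        raise ValueError("message expired")
    return plain[12:12 + length]
```
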

    Indeed, the government could create such an app and disguise it as a private enterprise: it would in this case be a honeypot app. Some people worry that the government is tracking everyone and that you could get in trouble (your Internet connection shut down, bank account frozen) because you posted stuff that the government algorithms deem extremely dangerous, maybe a comment about pressure cookers. At the same time, I believe the threat is somewhat exaggerated. While there is a risk for false positives, you will never be sent to jail for talking about pressure cooker recipes (at worst, you'll get a visit from the NSA - someone indeed did). While big data and big brother are getting bigger and more powerful every second, the number of available cells in prison is not increasing. Maybe it is even decreasing. So even if magically, millions of people suddenly wanted to become law enforcement, NSA, CIA or FBI agents (and the money was available to train and hire them), there are simply not enough prison cells to accommodate more prisoners (the US has the largest prison population of any country, measured as the proportion of people incarcerated at any given time).

    On the other side, many people seemed to be OK with increased regulations and more police. I think this is a side effect of living in an over-crowded world, with unsustainable population growth: the younger generation accepts or is forced into lower quality of life, having to share a small apartment with many roommates in over-crowded cities. They are more risk-averse on average, and worry about all sorts of real issues such as increased terrorism, the risk of an epidemic, giant financial systems that could collapse under their own weight, pollution killing people at a younger age, etc. I believe eventually people will find solutions to escape from this environment, maybe by building floating cities, cities under the sea, or underground cities. In my case, after many years of cubicle life and the morning and afternoon rat race (AKA the commute), I no longer drive to work, and have a much better lifestyle working from home 100% of the time - for the safest job one could ever wish to have: one that you created yourself, an adaptive, lean, agile enterprise that you founded yourself with a few great partners. But this is another story.

    Anyone interested in building this encryption app? Note that no system is perfectly safe. If there's an invisible camera behind you, filming everything you do on your computer, then my system offers no protection for you - though it would still be safe for the recipient, unless he also has a camera tracking all his computer activity. But the link between you and the recipient (the fact that both of you are connected) would be invisible to any third party. And increased security can be achieved if you use the web app from an anonymous computer - maybe from a public computer in some hotel lobby.

  • Organizations need better methods of authentication for their users to access corporate applications, systems and data sources during the normal course of their work.
  • Most will agree that despite the enormous amounts spent on secure Web gateways, anti-virus software, cloud-based malware filtering and the like, users are still the weak link in the security chain. The primary reason for this is that increasingly they are the targets, often supplying the bad guys with the information they need by posting detailed personal information on social media and other sites.