Thanks for sharing aes.io. That's the first I've heard of this service. Since they're a web app with client-side encryption, I presume they're using JavaScript. If so, any idea how they address the problems mentioned in this post ( http://rdist.root.org/2010/11/29/final-post-on-javascript-cr... )?
Update: Looks like they are using some kind of embedded flash. Does that mean a flash or actionscript cryptography implementation?
1. all encryption/decryption is done in JS. BouncyCastle java source code is used (slightly tweaked for performance) - it is compiled into JS using Google's GWT compiler.
2. flash is only used for triggering file save dialog, similarly to downloadify, in browsers that do not support HTML5 alternatives. In Chrome, which supports <a download>, flash is not used (100% JS/HTML5)
3. problems mentioned in the post you referenced can be generalized into two groups: (a) hijacking the server to serve "trojaned code", and (b) inherent JS limitations such as the absence of proper PRNG.
Concern (a) is valid. However, most client systems have auto-updating software products installed, with auto-updating enabled (browsers auto-update themselves; anti-viruses and OSes do the same, etc. - the Flame worm was using Windows Update to sneak in, I think). It is a universal issue in the modern "connected" world, and most users have to live with this threat if they want to use the Internet in any meaningful way; I can't imagine a person eyeballing the source of every patch they compile/apply on their system.
Concern (b) is not really valid now, IMHO. As mentioned above, it is possible to use a solid open-source crypto library either directly (e.g. Stanford Crypto JS library) or compile one into JS, to use proper PRNG, etc. With proper testing (standard/published test vectors; cross-platform tests - encrypt in JS and decrypt in java, etc.) it is possible to make good crypto in JS. And things like side-vector attacks do not look relevant here, as the attacking code needs to run on the client, which means the client has been compromised already.
Thanks for replying. Excellent choice on BouncyCastle and it never occurred to me the clever compilation to JS using GWT. With that said, why not use the OpenPGP (RFC 4880) support instead of PKCS#1?
How about doing a ShowHN so we can get some more eyes on your new product? There are quite a few security folks here who can more adroitly chime in regarding the use of clientside JS. You may have seen this post as well, http://www.matasano.com/articles/javascript-cryptography/ , which was written by Thomas (user tptacek) who is quite active in participation here.
Will do ShowHN when I'm allowed to (getting "You're submitting too fast. Please slow down. Thanks.")
Re: OpenPGP vs PKCS1: historical reasons (have a well-tested code for PKCS1). If at some point it becomes clear that OpenPGP is much better, adding it won't be a big issue.
I am really weary of this. Apple, I accept you've had some innovative ideas but being a leader in the patent process and IP ownership is not something that many look upon favorably. Don't forget it wasn't too many years ago that Microsoft "invested" in you and really kept you afloat.
My Mac 128K has a frowny face most of the time these days and not because of geriatric ailments.
Firstly, Apple didn't invent IP ownership, pioneer it or is the leader of it by any stretch. That award most likely goes to IBM.
Secondly, it is a myth that Microsoft's 'investment' in Apple is what kept it alive. That money was in effect a settlement with Apple to drop the UI lawsuits. What kept Apple alive was the iMac.
Apple presently has the most to lose due to the size of their bank account. I think when they were forced to settle with Nokia they realized you must play the game to win. The companies that have decided not to play to win are being naive in my opinion.
If Apple ever ends up in a situation where iOS is the only mobile smartphone OS left, USDOJ antitrust will probably obliterate them. No more facebook integration, no more app store, no more curtailing customer choice, and all of the other shenanigans Apple does under the curtain of "freedom of choice".
I'm pretty sure I remember reading in the Steve Jobs biography that Steve admitted Apple wouldn't survive without Microsoft's investment. At the same time, Bill seemed to agree that Microsoft would have been in quite some trouble if the UI lawsuits went through. So while the investment was indeed a settlement of sorts, Apple may not have survived to tell the tale without Microsoft's cash infusion.
Apple still had billions in cash when it accepted Microsoft's purchase of non-voting shares.
Microsoft's pledge to continue making Office and IE for Mac was way more significant, as Apple's share price had been going rapidly at the time. Microsoft showing faith in the platform put a temporary hold on that.
That gave Jobs the time he needed for rigorous reorganization. Gil Amelio had already fired thousands of employees. However, Jobs replaced the entire board of directors, most of the VPs and other high up execs. He discontinued most products, including the Newton MessagePad and eMate. He terminated the deals his predecessors made with Mac clone makers. And then he worked hard with the very best of the best within the company to create one or two new products a year, slowly building a strong lineup of profitable products.
Very interesting. This is a brilliant idea but I'm honestly surprised something like this wasn't done by RIM (Blackberry). This is a major market for Blackberry and they are still releasing new 2G phones (e.g. 9220 just released).
I feel like missing those sort of opportunities is pretty much why RIM is doing so poorly these days. It seems like they forgot what they are and what they do best.
Just an FYI but I'm fairly certain wdahher is Waseem Daher who is the cofounder of Ksplice. So if you're wanting to hear it directly from the "horse's mouth", this is probably a good place to ask some questions.
But this doesn't mean anything though right since all encryption happens clientside right? Oh...wrong service. This is Dropbox so they have the key on their end.
Wuala can deduplicate encrypted data. The encryption is a little bit weaker than standard encryption (because you can tell if two users are hosting the same file), but it's not possible to determine a file's content from the cipher text (if the file is unique).
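An added illustration of the trade-off described in the comment above, not part of the original thread and not Wuala's code. It assumes the deduplication works by convergent encryption (the key is derived from the file's own hash); `DedupStore`, `convergentEncrypt` and the IV derivation are hypothetical names and choices.

```javascript
// Added example (Node.js): convergent encryption and what the storage side learns.
const nodeCrypto = require('node:crypto');

const sha256 = (buf) => nodeCrypto.createHash('sha256').update(buf).digest();

// The key depends only on the plaintext, so equal files yield equal keys.
function convergentEncrypt(plaintext) {
  const key = sha256(plaintext);
  // Deterministic IV (assumption). Each key only ever encrypts one plaintext,
  // so the (key, IV) pair is never reused across different messages.
  const iv = nodeCrypto.createHmac('sha256', key).update('iv').digest().subarray(0, 12);
  const cipher = nodeCrypto.createCipheriv('aes-256-gcm', key, iv);
  const body = Buffer.concat([cipher.update(plaintext), cipher.final()]);
  const blob = Buffer.concat([iv, cipher.getAuthTag(), body]);
  return { key, blob, blobId: sha256(blob).toString('hex') };
}

function convergentDecrypt(key, blob) {
  const decipher = nodeCrypto.createDecipheriv('aes-256-gcm', key, blob.subarray(0, 12));
  decipher.setAuthTag(blob.subarray(12, 28));
  return Buffer.concat([decipher.update(blob.subarray(28)), decipher.final()]);
}

// Storage provider's view: it holds ciphertext only, never the keys.
class DedupStore {
  constructor() { this.blobs = new Map(); } // blobId -> { blob, owners }

  // Returns true when the upload was deduplicated against an existing blob.
  put(user, { blobId, blob }) {
    const existing = this.blobs.get(blobId);
    if (existing) { existing.owners.add(user); return true; }
    this.blobs.set(blobId, { blob, owners: new Set([user]) });
    return false;
  }

  // The weakness from the comment: anyone who already has a copy of a file
  // can confirm that some user stores it, without holding any user's key.
  holdsCopyOf(knownPlaintext) {
    return this.blobs.has(convergentEncrypt(knownPlaintext).blobId);
  }
}
```

A file nobody else possesses stays opaque to the store, because deriving its key requires the plaintext itself.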
What part of the US are you living in where ensure is not used? As an American living in the US, this would wind me up too! But for all "intensive purposes" some just don't know any better and don't have the "gaul" to "care less."
It is probably one of these things where Americans swung one way and Brits the other. Another example is http://en.wikipedia.org/wiki/Aluminium#Etymology where Americans use the original British spelling and the Brits use the original American spelling!
But insure and ensure mean different things - they can't be interchanged!
"How secure is MySocialCloud.com?
From day one, it has been our goal to provide the best security on the web. While we don't expose how we keep MySocialCloud secure (if we told you, it would be unsecured!), we do ensure that not even our employees are able to see any of your sensitive data."
One of their videos shows a bookmarklet so I'm going to presume they're using that for some kind of encryption clientside with AES???