Tag Archives: shared host proof hosting

Obama Gives Privacy the Spotlight

The 73% of Americans who use the web may be interested in reading just what tech-savvy President-elect Obama has planned for the future of the cloud and how it pertains to an all time Passpack favorite – privacy on the web.

Safeguarding Internet user’s right to privacy in Web 2.0 is not
always top of the agenda – after all the “social web” is somewhat
public ground, isn’t it?

You know how public information on the web can be if you:

  • post pictures to Facebook
  • tweet your mood on twitter
  • post opinion comments on blogs

But did you know this information could be just as public:

  • social security numbers
  • access codes
  • PIN numbers
  • emails/personal messages
  • confidential client info
  • passwords

All of this personally identifying information lives and circulates on the same web as do your holiday photos and favorite Amazon books.

That’s right, the new Chief Technology Officer that Obama will appoint has got his work cut out for him.

Sharing Privately

It may almost seem like a contradiction of terms but you already have an idea of how it works.

Let’s say you put your photos up on Flickr but don’t want everyone seeing them. You go to your Privacy Settings and decide who can read and see your stuff. Most social networking apps have privacy restrictions.

But there are some things that you want to share with everybody and some things that you want to share with fewer people or maybe just one person and no one else. Not even a server : )

*Remember you can limit your personal info down to networks, friends, individuals and even for your eyes only BUT any info you put on the Net, lives somewhere on a server. So how private can sharing really be?

Well, what if you made it so that anything you don’t want everyone seeing leaves your computer encrypted? So your driver’s license number, your PIN number or your passwords actually leave your browser encrypted, travel encrypted and get to your recipient encrypted so that the only person who will ever be able to read it is the person you are sending it to and no one else. Not even a server : )

Oh, shared host-proof hosting – you may have found your voice in the 44th US Presidency.

Advertisements

Shared Host-Proof Hosting

In order to understand how shared host-proof hosting works, we need a quick overview of host-proof hosting – what it is and why it has gained such standing in online privacy matters.

The Need For Privacy Online

Whenever you send anything over the internet, your data is exposed. The sites you visit, emails you send, videos you watch all become part of the vast web. Your info travels across many networks until it finally reaches its destination but how safe is it really when via transit and when it reaches its recipient?

Rule of thumb – information that you send in a standard email is just like writing info on a postcard. It can be seen by anyone with the right tools and the wrong intentions.

The Need For Host-Proof Hosting

Some things can be written on a postcard:

  • appointment reminders
  • birthday wishes/friendly letters
  • casual documents

Some things can’t be written on a postcard:

  • confidential information
  • PIN numbers
  • passwords

This is where host-proof hosting comes in. Host-proof hosting is a security pattern which allows you to encrpyt your data before it even leaves your browser. Client-side encryption ensures 100% data privacy so sensitive info like your passwords, can have a safe trip across the web and remain just as safe on the server.

For more info on host-proof hosting, take a quick look at this post.

Sharing Privacy

It wouldn’t make much sense to have a web based on host-proof hosting or encryption, especially in a social web. Online identities are created by what we post to the net. There are certain things we want to share. There are certain things we want to keep private. And there are certain things that we want to share AND keep private.

Here’s where privacy and sharing become important

  • you and your colleague(s) need to access the same merchant accounts
  • you and your spouse both access online accounts for the ‘household’
  • you manage several different clients and you need to share certain web accounts

What do all of these scenarios have in common? Each one of them sees the need to share sensitive info in a secure way. How do you do that on the web without just sending a password or access code via email or skype?

Ideally you would find a way to send delicate info to one other person so that only you two can read it and no one else. How would that work?

Shared Host-Proof Hosting

Shared Host-Proof Hosting is the basis for Passpack Secure Messaging and Passpack Sending Password Entries where you can send passwords, password entries, notes and more in complete confidentiality. This means that only sender and recipient can read what is sent.

Shared Host-Proof Hosting is a security pattern based on Host-proof Hosting which uses both 1024 bit RSA public and private keys as well as AES 192bit encryption and it works more or less like this:

Jane wants to send Jack a message. First she needs to generate her set of RSA public and private keys and so does Jack. This may sound difficult but not to worry, it is all done automatically
just by pressing a button. Ah, the wonders of modern technology! She and he do this one time only and these keys are how sharing is made possible.

Then Jane needs to invite Jack to her Ring of Trust, a series of trusted contacts that Jane has chosen. Jane sends Jack the AES 192bit key they will use to exchange messages from that point on. She does this by using Jack’s RSA public key.

Once Jack receives this, he decrypts it using his RSA private key. Then both Jane and Jack have the same AES key to forever exchange messages. This means that all encryption is done on the client-side, as well as all decryption.

All of this generating, encrypting and decrypting happens ‘behind the scenes’ so don’t worry, neither Jane, Jack or you need a degree in cryptology in order to feel safe online : )

Say That Again?

In simple terms, if Jane wants to send something to Jack and doesn’t want anyone to read it in transit, or when it is on the server she sends the info encrypted.

Jack needs to decrypt the info Jane sends and vice versa in a way that only he can read it and no one else. So when they first decide to “be friends” and enter into each other’s Ring of Trust, they have personalized “keys” created which they will later use to decipher what the coded/encrypted/private message is they are receiving.

And from then on they are able to easily exchange sensitive info at liberty without worrying about who else can see it.

Now keep your friends close and your passwords closer. And start sharing the right info with the right people.

Passpack Releases Secure Messaging

If you are still not sure how to securely send login information to your clients, the electricity bill account codes to your wife or surprise birthday party information to your friend – now you can send (encrypted) messages to users of your choice with Passpack Secure Messaging!

Redefining Privacy

How much information do you send to colleagues, family and friends over the web everyday? How much of it would you prefer not to? We don’t always have a choice and sometimes certain things that should remain reserved, travel the web for anyone to read. Passpack wants to give you that choice with Secure Messaging. Redenfing privacy is a big task, but Passpack is willing to take that step and lend a hand to help privacy evolve.

Not just anyone will receive your messages – only the people who you choose – those in your Ring of Trust. Your Ring of Trust is sort of like your internal Passpack contact list and should include only the people you know. As much as we love networking sites like Facebook and Myspace, Passpack’s sharing is not designed to work like them. The objective is not accumulating friends – no one would see them anyway! Passpack Messaging gives users a secure means of communication for things that you may have otherwise had to whisper!

Now It’s Up To You!

Your passwords are already protected with Passpack, now your messages can be too. So to start adding people to your Ring of Trust and start exchanging messages, take a look at Dani’s “How to” post.

As we have mentioned before, this is one of the many Passpack features we want to offer you, so you can expect many more additions. As for now, please let us know how you would like us to enhance your Messaging experience.

We work off your feedback so leave us a comment or a suggestion!

Using Passpack Secure Messaging

With the release of Secure Messaging just around the corner, here’s a preview of what to expect, and a quick guide on how to get things set up and how to use it.

Activate Messaging: First Things First

Once you are logged in, go to your Settings page and click Activate Sharing (Messaging is the first feature of Sharing), the system will ask you which browser you use. You actually only have to choose between Internet Explorer or all the others (Firefox, Safari, Chrome, and so on). If you use IE, well, you’ll have to wait about a whole minute until the process completes. Do not panic! Especially if in the meantime your browser continues to ask you “Do you want to stop the script from running?”

Say NO and be patient : )

script running

The first time you activate Sharing, you are actually telling Passpack to create a 1024bit RSA (public and private) key. This is an asymmetric key algorithm which takes a little longer to generate.

The RSA 1024 bit can result in slow Javascript processing depending on which browser you are using. Chrome and Safari can handle it with no problems, Firefox is a little bit slower, and Internet Explorer is just a snail.

Your Community Name

The second step consists of choosing your Community name.
There are a couple of reasons you need to choose it wisely:

  • You will NOT be able to change it later
  • It’s the only way friends can add you to their Ring of Trust
  • It is how you will be identified in all Passpack sharing features

So, write your Community Name, check the spelling at least twice, and then confirm.

Adding people to your Ring of Trust may not be as easy as adding friends on other social networking sites, but hey, you’re not on a social network! You’re on Passpack, managing secure messages to and from “real life” people. It’s not about accumulating.

In your manager you will now see the tabs for People and Messages.

Inviting Friends

The first time you invite a friend you will be asked to accept terms and conditions. Take the time to read those few lines, it’s only a one-time message. Then write your friend’s community name. How do find your friend’s community name? Ask him – he should already be a friend of yours. This is not a system to find new friends. ;-)

Once you know it, type it carefully, in order to protect yours and his privacy, you’ll not be prompted if the name you wrote doesn’t exist; the same if your friend doesn’t accept your invite. You’ll receive a confirmation only if your invite is accepted.

While you’re waiting for your friend to accept your invite to be part of his Ring of Trust, you have the possibility to send him a short message and start a conversation. It’s not really a chat, but if he replies instantly, you’ll receive the message in a short while. It should be used only to assure each other that you’re adding the right person. Ask him something only he can know, such as where did you last meet, or which drink you had the last time you went out together.

Once you’re sure you’re adding the correct person to your Ring of Trust, and he has accepted your invite, you can go to the “Messages” tab to send and receive secure message. Yes, you can also send the key of your heart to your beloved, because nobody else will be able to read it but her.

Start Messaging

Sending a message is really intuitive, all you need to do is type out your message, then select who you want to send it to, from the drop-down list. Or you can click on the little envelope next to the name of one of your friends, and you will be taken to the message screen.

Like with your password, you have the option to hide or show the messages you send and receive with your friends. By default they are hidden, click Show to see them.

These messages are stored for a week, and then will be deleted. This is not an archiving system, like an email account. This is a private exchange of data, that is not to be stored. But you can keep up to 5 messages by *starring* them and setting them as favorites.

Let’s add privacy to our online identities and let privacy evolve.

The Evolution of Privacy

Online Identity is a topic close to my heart. Passwords may be directly related to authentication — but Passpack’s relationship with Online Identity runs deeper than that.

Let me share with you our ultimate vision for Passpack: in our personal lives, we all have public and private spheres. The latter is completely missing in our virtual life. Passpack wants to give you back your privacy.

What Privacy Is

Privacy is the right to choose what to share, how much of it we want shared and with whom.

Privacy is not secretive. Privacy is not having something to hide. Privacy is not asocial.

Web 2.0, better known as – the social web, is based on a mass collective exchange of information – and one perfect example is lifestreaming.

Your online identity is diffused across various social networking platforms – by nature they are limited in privacy. This is by no means implying such platforms don’t follow privacy standards but applications like Facebook, Twitter, Myspace, FriendFeed are born specifically to share information beyond your ring of contacts.

But, sometimes we need to share things – like personal messages, health records and so much more and we need to share these things with particular people in complete confidentiality. Being able to do so… that is privacy. And it requires one key factor – Trust.

The Ring of Trust

Welcome to The Ring of Trust. It may not sound familiar, because it hasn’t existed until now.

Trust is that area that overlaps public and private. It’s pulling a select person or company into my private sphere long enough to entrust them (and only them) with something. I know that they will keep it confidential and will not share it with others. If they live up to my expectation, they may earn more excursions into my private sphere. Some people earn a permanent slot. But I decide.

As a professional, I need to share sensitive data with my colleagues and not wanting to send it to them by email (knowing they are just like online postcards), I would invite them into my Ring of Trust.

Privacy: Beyond a Concept

Passpack is and always will be an online password manager and now we will also take on the responsibility of being an online privacy manager as well. Privacy is not only made up of passwords, it’s made of people and powered by technology.

This technology is what we have called Shared Host-Proof Hosting*. It finally gives users the unique experience of securely exchanging personal information, adding the necessary private sphere to our (sometimes too) public identities.

I am sure that I am not the only one who has felt the essential need for a new concept of privacy. And now,  we have an answer to fulfill just this need.

Let privacy evolve. Let’s start building our own Ring of Trust.