Several informative updates have been made to the Crypton.io website. They include:
- A Developer Guide that provides a window into the framework's use and inner workings.
- Simple copy-paste directions to get started using Crypton.
- Expanded documentation for dealing with accounts, sessions and encrypted storage.
- A new 'Zero-Knowledge' diary to show how easy it is to build encrypted apps with Crypton.
- Improved documentation.
- A data explorer that provides visibility into exactly how encryption keys, records and messages are being stored.
- New messaging between accounts with public keys (coming soon).
- Sharing of encrypted containers.
- Transitions from CryptoJS to SJCL and RSA to ECC.
- Faster account generation (smartphone compatibility).
- More secure authentication challenge.
- Refactored full code base.
- Improved documentation.
- Fully tested code base.
Crypton - The NEED
The question is often asked: What is the biggest risk to personal privacy? To Information Security? To the future of democracy?
As it relates to the to the Internet, the answer is always the same: plaintext data. Anytime plaintext or decrypt-able data lives on a third-party system -- as it does when using the litany of cloud technologies available today -- it is at risk of being examined and/or compromised. The ease of access enabled by plaintext data allowed companies to be compliant with recent NSA requests during the PRISM scandal.
"If you're business model doesn't rely on monetizing user data, then why store that data in plaintext?" asks SpiderOak CEO Ethan Oberman. "The liability of storing data is increasing daily. The PRISM story awoke people to the growing and associated risks around 'big data' and how it can be abused. And there will, of course, always be the threat of data leakage or theft. Whereas previously there was no accessible solution, Crypton represents a new way forward by providing a 'privacy-first' approach to application design and implementation."
Resolving the 'plaintext problem,' however, is not so easy. SpiderOak has developed intricate processes and downloadable applications capable of encrypting data locally and maintaining that encryption throughout the data lifecycle. Such technologies are critical for maintaining 100% privacy. However, as the technology world moves aggressively toward a Web-based orientation -- with the proliferation of apps and mobile devices -- the process by which data privacy is maintained also needs to evolve.
Solving the Plaintext Problem in an Evolving World
It was the culmination of these factors that lead to the creation and continued development of Crypton -- SpiderOak's 'Zero-Knowledge' open source application framework.
"It is time to stop thinking of privacy as a feature and start thinking of privacy as a platform," said SpiderOak CEO Ethan Oberman. "Previously, privacy could only live in the belly of a downloaded client which limits adoption and creates obstacles -- especially as the world shifts toward the web. Now armed with a way to push privacy further into the web than previously possible, the Crypton framework can serve as a necessary cornerstone in the development and continued advancement of this new privacy platform."
SpiderOak builds 100% private cloud technologies -- believing a person should be able to retain his or her privacy online. Our 'Zero-Knowledge' Privacy Standard ensures absolute confidentiality between you and your data, everywhere, every time and from every device. With SpiderOak, you maintain ownership over your data in a centralized, managed and fully protected environment. SpiderOak: we've got your back(up).