Why Cloud Copies Are Inherently Insecure

With ordinary email the “send” action is deceptive. What actually happens is that the message (+ attachments) are copied onto innumerable Internet computers, stored onto a cloud server, and then backed up and replicated / kept-forever. As a result, your information is unprotected and open to theft / copying / eavesdropping.

The problem with such ‘cloud’  file sharing methods is that even when they do employ encryption, they rely on insecure algorithms with the additional risk of exposed ‘central-server’ copies of encryption keys, client data and user-accounts. Our KeyMail application avoids each of these troubling vulnerabilities, using a comprehensive set of anti-surveillance measures.

For email systems (& cloud file-sharing), at least six types of vulnerability are present:

  • Cloud provider access (back-door)
  • Transmission provider feed
  • Communications eavesdropping
  • Account hacking (front-door)
  • User impersonation
  • Physical device infiltration

Notably for an email system with cryptography, then these dangers remain, and because long-term hacking risks are tied to data persistence.

Single-Copy-Send

When it comes to communications security, it is vital to understand that client data security is all about protecting copies.

For Absolute Security, KeyMail eliminates all third-party copies.  Accordingly—of the six classes of vulnerability listed above, with KeyMail 5/6 are rendered impossible. Ergo we have just one attack-vector left for the potential hacker—physical device infiltration. But this latter option is the most difficult to break into, requiring the attacker to traverse firewalls and virus checking software using highly sophisticated intrusion methods.

And for anyone who wished to avoid even this  latter kind of attack, the entire KeyMail system can run from a USB Key/Thumb/Flash-drive—a world’s first—where files go directly from one USB Key to another.

Threat Model

Today many organisations need to safeguard valuable digital products from commercial threats and leaks, or they have a legal requirement to protect client data privacy.

Our KeyMail application employs a comprehensive Threat Model; and our resulting Security Policies are truly world-leading. Importantly our Threat Model is future-proofed; because it does not persist copies of client data to third-party companies and/or the cloud.

Nobody, not even us—will ever—or can possibly—hold copies of your private data, encryption keys and/or user details—even for a fraction of a second!

 

000

Figure 1: KeyMail’s Protocol / Threat Model

 

In a nutshell, KeyMail offers the best protection with no digital footprints, and therefore no hacking chances. Protecting digital information from the dangers of multiple-copies and sustained storage-related threats is the Holy Grail of data security, and this is why KeyMail is Absolute Security.

Advertisements