An Interesting Approach to Encryption

Encryption is essential for communications and files that contain sensitive or confidential information, and it’s important on a number of levels:

  • Users and their employers need to protect sensitive content like intellectual property, trade secrets, marketing plans, and even content like embargoed press releases when sent through email or stored in the cloud.
  • They also need to protect content that is subject to privacy regulations like the GDPR in order to avoid running afoul of their regulatory obligations.
  • Cloud providers need their customers to use encryption to prevent governments from successfully accessing confidential files: if customers’ files are encrypted and therefore inaccessible to providers, that effectively lets them off the hook, since they have no access to their customers’ content.

PreVeil has released an interesting technology that is designed to encrypt users’ emails and files. The system offers end-to-end encryption of content using the Curve25519 and XSalsa20 ciphers, including email subject lines and file names (FIPS-compliant algorithms are also available). Every email and document sent through PreVeil is encrypted with a unique key and no key is ever visible to the server that stores the information. Users each receive a public/private key pair, with the public key stored on the server and the private key stored only on each user’s individual devices. All document creators digitally sign document keys to ensure the authenticity of the content they’re accessing.

A unique feature of PreVeil’s encryption technology is its use of “Shamir Secret Sharing”, a technique that allows the distribution of users’ keys among what PreVeil calls an “Approval Group”. Each user’s key is cryptographically fragmented and distributed among members of the group. While each of these fragments is stored by PreVeil on its servers, the keys used to decrypt each fragment are not stored in a central location. This provides an extra level of security that can help to prevent damage resulting from the takeover of an administrator’s privileged account.

PreVeil is designed to integrate with various email clients, including Microsoft Outlook and Apple Mail, and also offers PreVeil Drive, which the company bills as an alternative to Dropbox, OneDrive, Box and other file-sharing solutions.

Pricing for PreVeil ranges from a free tier for individual users that offers one gigabyte of storage, to $10 per user per month for 100 gigabytes of storage, to $20 per user per month for corporate users (five terabytes of pooled storage).

More information on the company is available here.


Went From Windows to Mac, Now Thinking of Moving Back

Back in 2006 I made a decision to move our business to the Mac. I liked the elegance of the Mac’s design and how everything “just worked” in a way that Windows — at least at the time — didn’t. Subsequent introductions from Apple proved me right: the iPhone, the iPad and Mac desktops and laptops work very nicely together. I can answer and receive phone calls, send and receive text messages, share passwords, and share data easily on any Apple platform. My iPhone, iPad and MacBook Pro will remember all of my Wi-Fi connections and reconnect automatically whenever I revisit a location. The interfaces are all elegant and well designed.

But then Steve Jobs passed away and, apparently, Apple’s almost maniacal obsession for good design did as well, albeit more slowly. The Mac still works, but just not as well anymore. The company has shifted focus to the iPhone and iPad, even more or less dismantling its Mac team back in 2016. New versions of MacOS are more like point releases, offering interesting new features and functions, but many are more gimmicky than they are useful. While not Apple’s fault, Microsoft Office 2016 is a major step backward compared to Office 2011, but users are more or less forced to “upgrade” because of Microsoft’s end-of-support for 2011.

While I still like the Mac, a recent failure of my iMac’s Fusion Drive (Mac’s combo of a solid state drive and conventional hard drive) has served as something of a trigger and brought me to the point that I am now seriously considering going back to Windows. The drive started failing in late June and failed completely in late July. Since I don’t have on-site service available from Apple (more about that below), I took it to my closest Apple Store. The iMac stayed there overnight and was diagnosed with a software failure that connects the two parts of the Fusion Drive. After Apple “fixed” the problem, and after completely reinstalling MacOS and all of the applications, everything was back up and running…for 11 days. A couple of hours on chat and the phone with Mac technicians resulted in the same recommendation: we will have to bring the iMac back to the Apple Store for diagnosis.

The good news: Apple offers on-site service. The bad news: in order for Apple to authorize on-site service they need to know exactly what’s wrong with the computer so the technician can bring the one part that needs replacing. And in order for them to know which part the technician needs to bring, the customer first has to bring their computer to an Apple Store to have it diagnosed. I doubt that most Apple Support personnel have ever read Joseph Heller’s Catch-22, but Apple’s on-site support policy certainly embodies its primary theme.

So, we are at a bit of a crossroads: stay with a Mac ecosystem that is in decline, or go back to Windows that, by all accounts, is much better than it was just a few years ago? I’d enjoy hearing your opinions.