Fight Hackers with Encryption
With all the focus on tech IPOs that reward gaming and chatting, it’s nice to see a company dedicated to privacy getting a little of bit of venture cash behind it. With just $1.5 million raised so far, CertiVox is still a tech minnow, but its idea is a solid one: people need to be able to trust that some privacy online is still a possibility.
Remember all that spam e-mail for male enhancement and mysterious lottery winnings? Most people have become wise to the classic spam or phishing schemes, and hackers have stepped up their game. The new tactics are spear-phishing (researching and targeting specific users) and whale-phishing (targeting executives who have access to the most information).
One way this works is for hackers to research their target in the social network, pick one of the target’s “friends” and set up an e-mail account that looks like it belongs to the friend. The target won’t think twice about clicking on the malicious link that comes in from their friend. With this tactic, some hackers seek to simply create mischief, others are targeting corporations.
Recently we wrote about a particularly worrying study on corporate security breaches – think Sony, Lockheed Martin and Citigroup. The data shows that the problem lies largely with employees’ mobile devices and the completely unencrypted transfer of information. People are using Facebook, sending e-mails and clicking on links, all of which results in a public transfer of information that can be intercepted. Hackers bet on our complacency and “that’s just how the internet works” attitude and win every day.
Now comes CertiVox, whose goal is to provide government-grade encryption to corporations and your web browser. Their new (and free) PrivateSky plug-in allows you to encrypt what you do online and show it only to those for whom it’s intended. Your e-mail is no longer an open postcard and your Facebook rants stay private. For corporations, there are more robust solutions for the entire network.
A concern here is that a good encryption product, one that does not allow the product’s creator to see the message, could fall into the hands of criminals. Governments can crack highly sophisticated encryption programs, but at what cost in time and money? If CertiVox gets big enough, will it have to cough up its code to government authorities in order to keep going, as Research in Motion did in India?
While we don’t vouch for CertiVox’s reliability or competitiveness, it’s certainly a step in the right direction that such a company is able to raise cash to keep itself going.
(Photo Credit: Sasha Wolff)