encryption

What is zero knowledge technology and why do we use it in HushApp?

by

It is difficult to choose the appropriate ways to protect our information, each application may have stronger features than another. If you want to keep an intruder as far as possible away from your files, then there are options available in the market that can help you. This level of protection is known as zero knowledge technology, but, what is it? How does it work?

It is important to begin recognizing the protection type we want for our files. We have the ability to choose who does or does not access them, but our security sense depends on the trust we have in others. For example, how could we ensure that a hotel does not use the master key of your room to enter and rummage through your belongings and even steal them? There should be a method to ensure that the hotel will not use this key.

The same happens in the digital world, when entering a service, you need to enter a password. Traditionally the server already has a coded version of the password, if it matches, you can access the system. The problem is that the server also knows your password. This is where zero knowledge technology could help you …

How does it work?

Zero knowledge, or ZKP (Zero Knowledge Proof), is a protocol used in encryption systems. It is a method established for one of the parties to prove to another that a statement (usually mathematical) is true, without revealing anything other than the truth of the statement.

To put it in simpler words, zero-knowledge technology uses encryption schemes that show if someone knows something without revealing what it is. For example, this is similar to when someone knows the answer to a riddle but does not reveal the solution. How can you prove that they really know the solution?  

There are two fundamental parts involved in this process, the “tester” who knows the information and the other, in this case the “verifier” who is convinced that the tester knows the information in question. To verify this, the ZKP protocol follows three basic properties:

Totality: the tester can provide the correct information and the verifier will be convinced of the truth of what he receives. Taking it to the digital world, a tester could be a user who places his password in an application, the application (verifier in this case) will receive the password of the tester (the user), without needing to know it.

Solidity: The only way to convince the verifier, is entering the correct information (or the correct password).

Zero Knowledge: The verifier knows that it is the correct information, but can not know the password.

A unique feature of this system is that it not only shows that it knows something to its interlocutor without revealing it, but if someone simply observes, they cannot verify or know anything about this procedure.

The interesting thing about ZKP is that it is a form of authentication where passwords are not exchanged, which means that service providers do not know anything about the data they store on their servers. It is also included in our HushApp!

HushApp and Zero Knowledge Technology

One of the most interesting HushApp features is that we use this technology to give greater protection to your confidential information. With this, you are certain that we do not have access to your information, passwords, or the files you store or send.

With this you get a more secure communication because only the user knows what he is communicating or what files they are sharing. When not storing your password, it is very important that you memorize it or keep it in a safe place, since if you lose or forget it, you will not have a way to recover it.

We invite you to protect your files easily and safely.

Try HushApp …

Technology as a tool to help protect your online privacy

by

It’s no secret that technology has made us more connected but also more vulnerable. To regain our online privacy, there are different complimentary methods. One way is to limit our online exposure by avoiding to post personal info. However, since we can’t practically live in a cocoon, we might as well embrace the power of technology by using it to better protect our digital lives.

As the founder and CEO of a cybersecurity company, I spend a considerable amount of my time focused on ways to protect both the online privacy of my customers, my team, and my own. It’s a bit like the surgeon who has seen so many car accident injuries: I am on guards for whatever new way hackers are inventing to steal people’s personal and professional information, and in awe of the damage they can inflict to someone’s reputation, financials, business and family. While we look for new ways to protect from new attacks, it’s also astounding how well-known “old” attacks are still in use, because so many people still are either not much aware of the online dangers, or forget to use basic protection means.

Of course each day it’s becoming less likely not to have at least some kind of awareness (think of the headlines about cyberattacks) and yet many individuals and even some companies think it won’t happen to them…until it does. In fact, most companies don’t find out until 6 months after the facts, that they have been hacked.

The two dimensions of data protection and online privacy:

There are two main dimensions to data protection and online privacy: one is to protect the perimeter, i.e. not to let the bad guys into your house, by locking the windows, the doors, and having good walls (that would be the real life equivalent of firewalls and intrusion detection systems). This is hard and in fact the bad guys tend to be one step ahead. The other dimension would be making sure that each of your precious jewelry is protected by a separate vault, and that only you have the key to each vault. Simplifying a bit, this is the real life equivalent to data protection via encryption.

The good news is that so far it’s the good guys who are winning the encryption battle. Of course there is a caveat: it depends what type of encryption you use (algorithm, key length, etc.) and how you implement it. Continuing the analogy: you should have a vault that is thick not thin, that has a sophisticated lock not a basic one.

Encryption: a strong tool for your online privacy. Now it’s even easy to use!

It used to be that using encryption was a hard thing to do, and thus only reserved to geeks. This was the traditional conundrum between security and convenience, where security traditionally came at the cost of usability. And we all know that if something that provides security is hard to use, people end up not using it and reverting to easier, less safe behaviors. Not any more. Several cybersecurity companies are working at making the life of their users both more secure and still very easy. It’s our case too.

At Syneidis we have created HushApp, which allows any user, without needing any technical skill, to easily and safely store any file (whether photos, PDFs or financial excels) in a very safe digital box, where each one is protected separately. It also allows sharing files in an easy way via the web, but with the important extra layer of protection, transparent to the user, which ensures that only the intended recipient, and no one else, will be able to watch the private information. This is of course one example only. Besides protecting your file, one should consider using a VPN, a firewall, etc.: security is a global matter and no one solution could cover all the angles.

People are the weakest link in online privacy protection. Are you?

In fact, while we ought to embrace technology tools that allow us to protect our online privacy, we need to be aware that unfortunately the weakest security link still tends to be…people themselves. So please be among the prudent ones: do you really need to post that photo on Facebook, which will tell burglars that you are not at home? Should you really send this excel with financial data by email or via some free cloud service? Should you really sync my phone camera’s gallery to Apple or Google clouds? I’m sure you know very well the answer to these three questions…But there are many more…How well would you fare on a cybersecurity awareness test? You can find out here with this short test whether you are an expert or a dummy in online privacy.

Kind regards,

Frederic Thenault

Read more related articles here.

How can my online law firm achieve reliability?

by Leave a Comment

Having an online law firm requires adapting to new technologies and new populaces. As long as there is a sector that does not trust to contact via internet, another important group will seek to solve their legal problems, often through the Web itself.

Both groups share the same concerns, the confidentiality of information and the agility with which their case is resolved.

The environment faced by online law firms

To achieve trust and agility in customer service, this type of law firm must adapt to needs that arise in the digital environment:

– New business models and new legislations adapted to the field.  

– Changes in the customers’ demands, who are growing increasingly used to the speed of online procedures.

A new lawyer’s profile, with the ability to take their work to digital transformation.

Regulations on the protection of personal data (GDPR for example).

The cybersecurity of the information handled by the office.

Some aspects to consider to improve the trust in an online law firm could be:

Access: Clients seek accessibility and flexibility from the lawyers, new technologies can help the firm to improve its services, using tools that allows them to connect them easier and faster with customers: video calls, text messaging, cloud storage and other online transfers are some examples, always taking into account the security measures necessary for its use.

Globalization: The advantage of being an online firm is having the option of reaching a wider audience far beyond theits geographical area where it is located,  locationas well as facilitating contact with those who are nearby,  which would allowallows them to save hours of travel, traffic, and money.

Do not lose personal contact: It is important not to lose personalized treatment, although technology allows work to speed up. In addition,  clients should contact the lawyer easily, and generate more confidence.

Digital and secure solutions: It is also necessary to use technological tools to streamline the management of internal work to in order to facilitate communication and ensure the protection and security of customer files. It is important to implement a system that allows the encryption of the files that contain customer data andwhile implement forensuring a secure file exchange.

Applications such as HushApp can help online law firms to protect the confidential information of their clients,  in an easy and secure way. Since it allows sending encrypted files easily and there is no need for the client to sign up.

Having an online law firm should not represent a threat to the safety of customers. , otherwise, tThe good use of digital tools will generate an approach to them,offer them an approach which will allow you to adjust to each of your needs. The most important thing is to have the right channels to earn their trust.

Meet HushApp: 3 things you can do with your HushBox

by Leave a Comment

Previously we introduced you to the HushApp, a web and mobile application that helps you send and store any file in an easy and secure way, but how? The answer lies within the multiple features that the app possesses. One such example is end-to-end encryption, which gives your files a heightened level of security. Another feature exclusive to the Android version is the HushBox. Further down we will explain the three things you can do with HushBox to effectively protect your data.

When you enter the application your first access point will be the Dashboard, a purple screen from where you can send your files. At the bottom of the screen the different sections available to you will be visible, the icon further to the left will take you to the HushBox.

What can I do there?

3 things you can do with your HushBox

 

Save files

When you enter, you will find a space where you can safely store all kinds of files: photos, videos, presentations, documents, etc. These files will remain encrypted in the device, ensuring that nobody but you can access the information within.
One of the advantages of the encryption method used by HushApp is that it encrypts files separately, which gives you both a higher level of security and easy access to individual files. You can open a document to view it, and when you finish, it will remain protected.

How to save them?
When you access this section you will have an option to add (orange button with the + symbol) where you can select folders or files on your device that you want to protect.

To get more out of your HushBox, when making a transfer, you have the option to choose to have that file automatically saved securely.

Sharing files

Sharing files securely from the HushBox is a simple action. You only have to click on the document options (the three points above and to the right) and choose “share”. Select the contacts you want to send your files to (even if they do not have the application, you can add their email address) and voila! your files were shared safely, and only those who you have chosen can access them.

Organize files

In the received tab, you can control the transfers that your contacts send you. These files will be saved in the inbox folder of your HushBox. From there you can organize them by folders as you decide with the peace of mind that all your information is still protected.
In HushApp, only you have control. Do you want to know more about how it works? Watch this simple tutorial. 

Any additional questions contact us through: [email protected]

22 frequently asked questions about how to share and send files in a safe way

by Leave a Comment

Every day new applications are sent to the market that allow us to send files to our contacts in a complete and timely manner, this means that sharing information in digital is part of our day to day. The problem is that we do not always do it the right way.

With the rise of cybercrime, many questions arise about whether we are taking the necessary precautions when sharing information, especially when it comes to confidential data. That is why we decided to answer the most frequent questions that are asked about this topic.

What you need to know about share and send files safely

1. Why is security so important to sending a file?

It is common to hear about large and serious leaks in high confidentiality data companies in the news. Today hackers have more powerful tools than ever that allow them to intercept valuable information. If you do not take the necessary preventative measures, the consequences could not only revolve around reputation but finances as well.

2. Is it wrong to send files by email?

Not bad as long as the information you send is not confidential. Take into account that emails with attachment are a bait used to infect with malwares the computers of the recipient.

3. How safe is it to send files with cloud services?

Cloud services currently have many options that streamline the file-sharing processes. However, we must bear in mind that they are also vulnerable to being intercepted by someone unwanted. It would be advisable to establish strong passwords and, if possible, configure double factor authentication.

4. Is it secure to send files by chats like Facebook Messenger, Telegram or Whatsapp?

Facebook Messenger, Telegram and Whatsapp are some of the most globally used messaging services, but they do not all share the same level of security. The Facebook chat is considered one of the least secure considering that it does not have an encryption system, not to mention that all conversations are stored. Telegram and WhatsApp, although having a strong encryption system, still put information at risk due to ease of use and virality.

5. Are files shared through services like Wetransfer or Mega protected?

These services are useful for fast heavy file transfers, but they do not involve maintain a high security level. Like other cloud services, files are exposed to being intercepted.

6. What applications should I use to send files securely?

We advise that you an application that allows you to encrypt files, while also guaranteeing you that their technology completely protects your files from the moment they arrive up to the point that they reach the chosen recipient.

7. How do I make sure I’m sending files in the right way?

Although there is no infallible system, it is crucial to find one the one that best suits your needs. You must spend time choosing the application that offers the highest security level and ensures protection in all transfer phases.

8. What is file encryption?

An encryption software takes data and creates a shell that makes it inaccessible and illegible for those who want to access without authorization. Encrypted information can only be unlocked with a predetermined password.

9. What is end to end encryption?

It is an encryption system that keeps the content protected in all phases of the process, only the sender and its recipient will have the access code.

10. How does encryption work when sending files?

The file is encrypted with certain encryption protocols in the device that it sends based on unique passwords and transfers it to the addressee. This makes addressee the only person who will be able to decrypt it.

11. What should I consider when choosing a program that protects my files?

The more encryption systems the application integrates, the more effective it will be. End-to-end encryption and zero-knowledge technology are great examples of programming that ensures that developers/hackers can not access your files or passwords.

 

send files safely
The HushApp is an application that is safe and easy to use, while also including end-to-end encryption.

 

12. How do I know that the files will be safe when they reach their recipient?

Ideally, the receiver should use the same security software so that received files will remain encrypted. Even if the receiver does not have a specific software, the file will remain secure until it is decrypted and downloaded by the receiver.

13. Is the server of the program I am using safe?

Depending on what you want to protect, you must increase or not the security level of the server you select. If the one you use works with military level encryption, with multilayer encryption or backup services, you can be sure that your information has the ideal level of security.

14. Is the server located in a secure geographic location (with respect to local information regulation / GDPR)?

If you are sharing documents with your clients, it is necessary to have total transparency of a file’s storage location. The new General Regulation Data Protection (GDPR) this information should be even clearer.

For this reason it is essential to seek local legal advice. This means that when selecting a file exchange provider, ask where those files will be located and which legal regulations they should operate.

15. What applications are recommended to be used in companies?

Adequate encryption systems for the transfer of secure files and servers with the highest level of security. It is important that they allow the participation of several users and that they also comply with local data protection regulations.

16. Is the application to send my files compatible with the workflow of a company?

It is essential that a company manages the information that moves inside carefully. In addition, the program must have multidisciplinary team management systems that can be easily adapted to the constant flow of information that exists in a company.

17. How can I control what is sent and shared within my company?

There are tools adapted to the business environment that allow you to manage the flow of information in the company easily and safely.

The HushApp has a version adapted to companies, with which you can exchange and send files in multidisciplinary teams in a secure way while controlling the access and management of other users’ permissions. In addition to this you are able to access a history of file transfers sent and received, all while complying with the current European legislation.

18. Are they easy to use applications?

It depends. It is important to choose an application that monitors security levels and offers a good user experience and usability. This allows for a simpler implementation and easy learning for employees.

19. Is it safe to work with FTP?

FTP file transfer is a system that many companies still use that allows the uploading of files to a server. This means that whoever needs to access these files can view them from another computer with a username and password. The problem with this is that a password is not as effective as the encryption, since it is only protecting the access and not the file itself. It is ideal to upload already encrypted files, even if it is a little more time consuming.

20. Is there another safer method than encryption?

So far, no, but there are different types of encryption that can vary the level of security and adapt according to what you need.

21. Is a premium account better than a free account?

Everything will depend on what each one offers. It is not necessarily true that a premium account is better than a free one, it must adapt to the needs of the shipment. The important thing to review is the actual security offered by each.

22. Are the documents that are worked on collaboratively safe?

Currently, there are online tools that allow more than one person to edit a document in real time. This type of functionality is very useful for work teams trying to manage time.

However, this type of service does not offer optimal security measures since there is no way to protect them while they are being edited. It is not advisable to work on sensitive information for the company in these type of settings.

Encryption for dummies: What is it and what is it for?

by Leave a Comment

Surely you have already heard news of cyber attacks and data leaks as it is becoming increasingly common. Any person or company is exposed to an attack of this type if the necessary security measures are not taken, but what are these measures? What can you do to protect your information?. The most used and effective method to protect your data is a system of encryption with which you can feel secure that your information is completely protected. Have you heard about encryption? Do you know how it works?.

If your answer is no, it is time for you to start taking cybersecurity more seriously and begin learning more about it. That is why we have prepared this post, in hopes that it will help you better understand and apply it in the daily management of your files.

What is encryption?

To explain it in a simple way, encryption is a procedure in which any type of file becomes unreadable thanks to an algorithm that scrambles

the files components. This makes it impossible for the file to be opened or decoded if you do not have the key to access the information. This  means that if an unauthorized viewer intercepts an encrypted file they will only be able to see a group of illegible characters, even if they manage to open it.

This system is not something new. Encryption has existed for many centuries, however, its modern use dates back to the First World War. During the conflict different blocks sent illegible messages back and forth to prevent the enemy from deciphering them in the case that they were intercepted in transit.

Encryption, Symmetric and Asymmetric what is it for?

The most common types of file encryption are symmetric and asymmetric.

The symmetric encryption system uses a single key to encrypt or decrypt, while asymmetric data uses two keys: one public to encrypt and one private to decrypt. In this way it is impossible to derive the private key from the public key.  

Advantages and disadvantages

It is important to highlight the level of security offered by data encryption. It is a much more powerful tool than a password (such as the start of the mobile or email), since they only protect access. Once the password is discovered, anyone with it has full access to the contents of the files. Encryption protects data directly, making it impossible to see the contents of files.

The only disadvantage to consider is the importance of not losing your password. After it is lost, all access to the data will be lost completely, as there is no way to change it. So all things  considered, the only additional requirement of encryption is greater protection of your passwords.

How is a file encrypted?

There are different levels of security that depend on the complexity of the algorithm used. Different encryption methods contain greater and lesser levels of sophistication and complexity.

At the user level, it is not necessary to use such complex tools. Currently there are applications that can help you encrypt your files both easily and quickly, while also to share them with your contacts in a secure way. This allows them to remain protected from the moment they are sent to the moment they are received.

We are the only ones responsible for ensuring the security of our information, so taking protective measures as a habit will help us avoid future problems.

Encryption is easy, check it with HushApp!