KEYMAIL is a new way to transfer sensitive and confidential files directly—or by Single-Copy-Send—across the Internet.
KeyMail has taken us over 5 years of full-time effort to build and test—consisting of 75,000 lines of specialist security code and millions of lines of included code. But why did we expend so much effort building a product which simply moves data directly, securely and reliably from one computer to another? What precisely is the nature of the problem that KeyMail has been designed to solve?
To find the answer(s)—we begin with—a brief Cybersecurity: State-Of-The-Union.
Put simply, the field of Cybersecurity is currently experiencing a major of Crisis Of Confidence—and in terms of the questionable truth/validity of its most fundamental premises, assumptions, arguments, and conclusions. Furthermore the usefulness of its endorsed security techniques are in doubt.
Whereby data breaches, hacks, system exploits and computer intrusions—on the Cloud—are now common-place. Despite promises to the contrary—many Cloud Systems are hopelessly insecure and/or posses only weak security protection—as evidenced by the large number of data-breaches detailed below.
Over a Billion Data Breaches!
According to Business Insider—in 2018 Private Personal Data and Confidential Business Data was hacked—1.4 Billion times! And all of these data intrusions—happened on Cloud Systems.
Major Cloud exploits from 2018 are shown below.
- Mariott Starwood hotels — 500 million
- Exactis — 340 million
- MyFitnessPal — 150 million
- Quora — 100 million
- MyHeritage — 92 million
- Cambridge Analytica — 87 million
- Google+ — 53 million
- Chegg — 40 million
- Facebook — 29 million
- Ticketfly — 27 million
Table A: Top 10 Data Breaches (2018)
[Figures are for individual Customer Records compromised]
Many questions arise—as to how such a mind-boggling series of lapses in information security could happen. Is it not the case that many, if not most, of the Customer Records were protected by means of encryption, firewalls, security questions and User-ID passwords etc?
The answer is that yes—the systems in question—were all protected by a full range of security measures. But the problem is that a Cloud system can typically be hacked far more easily, and comprehensively, plus and on a far larger scale; than a Non-Cloud system. This is because of certain inherent design weaknesses that are common to all Cloud Systems—as explained below.
The question arises… Why is the Cloud so insecure?
To find the answer—we go must back to the first principle(s) of Data Security. And open-up its most fundamental definition.
What exactly is Cybersecurity?
Cybersecurity… is all about protecting COPIES.
For example including copies of: Client-Data, User-IDs, Computer Node-IDs, Passwords, Encryption Keys, and Entry-Locking Questions etc.
Any effective Security Audit asks:
- Where are the Copies?
- Who can access each Copy?
- How long do Copies hang around?
Finding the answers to these important questions enables us to judge how well an item is protected in terms of Privacy Status.
Why Cloud Security Fails
Cloud Copies—of Client-Data—are stored for long periods of time—possibly forever. Such Copies are vulnerable to attack; by means of stolen User-IDs, Passwords and Keys etc.
As a result on a Cloud System—Front-door and/or Back-door Hacking—becomes an ever-increasing possibility over time. This is because—Cloud Copies must endure—a constant barrage of new Cyber-attacks—and it is simply not possible—or at least highly unlikely—to successfully defend against such attacks forever.
A typical Cloud system is connected to all kinds of secondary networks and backup systems that—in effect—ensure that many secondary Copies of your private data will be created. And the number of such Copies may be gradually increasing over time due to ongoing replication processes.
THUS IT IS BY NO MEANS CLEAR PRECISELY WHO OR WHAT IS RESPONSIBLE FOR—AND IS/IS-NOT SUCCESSFULLY PROTECTING—ALL OF THESE CLOUD COPIES!
CERTAINLY NO SINGLE PARTY CAN BE READILY IDENTIFIED TO EVEN ASK HOW MANY COPIES ACTUALLY EXIST OF YOUR MOST CONFIDENTIAL ITEMS.
Peer-To-Peer to the Rescue
When using a Peer-To-Peer (P2P) file-transfer system such as KeyMail—Client-Data is transferred by Direct Transfer (P2P method using end-to-end multi-encryption).
In other words the Copy is evidently communicated by: Single-Copy-Send.
As a result—ALL COPIES (two only)—achieve Absolute Security with apparent ease. And because on a P2P system there are no long-lived third-party Copies located on public networks that are forever open to attack.
With a P2P system Client-Data Copies are protected and safe so as long both the Primary Copy and Secondary Copy are secure on SENDER plus RECEIVER computer Nodes (ref. Media of Storage and Access). In other words we must ensure that SENDER plus RECEIVER computer(s) are: A) Access-protected; and B) Protected by potent Firewall/Virus-checking and anti-Malware system(s).
Any home is only as safe as its weakest wall/locked-door.
Bigger Brain versus Absolute Security
Rather than attempting to out-think and/or to have a bigger-brain than an attacker—and thus work to protect vulnerable Cloud copies; with KeyMail we adopt two standard military based strategies, named as camouflage/misdirection and also the difficulty an attacker has in hitting a moving target.
KeyMail employs both of these techniques to good effect. Other systems leave multiple stationary copies of client-data in the ‘Cloud’—including messages/payloads/keys—which are open to endless new hacking-attacks forever-and-a-day. Whereas KeyMail has only local-copies of client-data, plus uses Single-Copy-Send which exposes the payload to attack only for a very short time-window: during real-time transfer.
In this manner, we create a private/stealth network, the same being one that employs an end-to-end duel-layer encryption. The upshot being a secure communication service that is, so far as is possible, invisible, unbreakable and/or beyond an attacker’s reach.
Private, Decentralised and Safe
KeyMail is a new kind of secure electronic mail; facilitating open-network (or WAN/Internet) sharing of private, secret and commercially sensitive files/folders with close-friends and trusted-colleagues.
The problem with other email and file-transfer systems is that even when they do employ encryption, they rely on central-server techniques which have been proven to be insecure and based on faulty assumptions and compromised algorithms.
KeyMail avoids all of these troubling vulnerabilities; but KeyMail is not a replacement for email, rather it is used when you must be absolutely certain that there can be no possibility of spying, hacking and/or lost/compromised data.
Ordinary email is open, centralised and insecure; whereas KeyMail is private, decentralised and safe.