With all the discussions around PRISM and Tempora the public realized that information is a valuable asset. So valuable, that some players even risk damaging international relations, just to get hold of every information possible. There are even laws that force US companies to comply with this scam. Forget about everthing you heard about security from large US companies. Information security and the current economical and political interests of major US government agencies do not go together.
So how does this in any way relate to tocario? When we started developing our deskMate technology we were very paranoid.
We are proud to highlight our solution to be “PRISM safe”. Why? – because we provide the highest level of encryption.
When Edward Snowden annonced that the NSA even collects large quantities of encrypted data everyone has been confused. They seem to assume to gain access to the private compontent of the key pairs (which way ever). In other words when they get the private key they are able to decrypt the whole communication later. Every evidence leaked so far supports this scenario. Ergo – privacy: gone, secure banking: gone
But every user and every administrator of an encrypted service is able to interfere with their plans. If both sides, for example a web browser and a web server, support a technology called “perfect forward secrecy” (PFS) the acutal session key for each communication is exchanged in a way that is mathematically irreversible (Geek Alarm: because of the discrete logarithm problem with huge numbers in the Diffie Hellman algorithm). So even if anyone can get the private key of a provider, the captured data is useless.
Every API communication between your client hardware and the deskMate cloud hosted desktop uses PFS.
Geek Alarm: The deskMate streams are crypted with a dynamic AES key that previously has been exchanged and calculated by the client. We even support PFS on our website. Depending on the clients browser the session key will negotiated using the PFS (tested for example with Firefox 21 and Chrome: TLS standard, DHE for ephemeral key exchange, RSA 2048 bit asymmetric encryption, AES-CBC 256 bit symmetric encryption, SHA signing).
With tocario, you decide what kind of footprint you leave in the Internet. You even decide if deskMate is allowed to have any outgoing connections into the Internet. The security of your information solely depends on the software you are running on your deskMate.