

Ask HN: Any startups working to capitalize on the coming privacy boom? - hoodoof

Big opportunities are opening up for companies in a position to offer services free of government snooping. Are any startups in the community specifically oriented to this market positioning?

Any big company or non-U.S. government seems likely to ask the question "If we move our tens of thousands of users to service X or service Y (i.e. gmail or Oracle), will our data be gathered by the U.S. government?" If the answer is yes, or "maybe", then surely they'll look for "snoop free" alternatives.

Is anyone working to become the snoop free alternative?
======
codex
Is the privacy boom a foregone conclusion? The Internet has a history of
overreactive paranoia when it comes to change.

Example #1: I remember a huge privacy backlash when the first social
networking site opened. It was a combination of Facebook and Linkedin, yet it
was _more_ private than either of them. People were absolutely livid about the
privacy implications. This site, Six Degrees, opened in 1998, fifteen years
ago, and shut down soon thereafter. However, over time, the boogeyman many
feared never materialized, and people became more open about sharing online.

Example #2: Later, when the DMCA was proposed, it was claimed that it would be
the death of the Internet. The DMCA has been law for more than a decade, and
the Internet still lives.

So, based on past examples, I predict that people will stop caring about NSA-
type programs when no harm ends up coming to them from wholesale data
screening on the part of the government. One can only be afraid of so many
things at a time, and new scares will eventually pop up.

------
ecto
We (SpiderOak) have been working on a framework called Crypton[1] for the last
few months that allows you to create cryptographically secure web apps. We're
trying to get the 0.2 release and new website[2] out this week.

I'm currently the only dev on the project and we could always use more
eyeballs. I'm working through a code review right now to improve the existing
features, but I'm also half way done implementing shared containers and
realtime public key messaging. The idea is that you don't need to understand
the crypto if you use the framework. We are in the process of getting a
professional security audit.

[1]
[https://github.com/SpiderOak/crypton](https://github.com/SpiderOak/crypton)
[2] [https://crypton.io](https://crypton.io)

~~~
hoodoof
What about the security of the host your system is running on?

~~~
ecto
This is obviously an issue. Users are never going to read and verify every
line of code that comes over the wire, so in the end it comes down to trust
and vigilant sysadmins.

------
DigitalSea
I don't think any service can claim to be 100% secure from NSA spying. Are we
forgetting the claims that the submarine USS Jimmy Carter is used to tap into
under sea fiber optic cables to intercept traffic from numerous web services
and communications? Considering military technology is most likely 5 to 10
years ahead of civilian technology, we can't assume anything is secure or
private any more. In computing power years, 5 years is a long time to
research, test and refine hardware capable of breaking supposedly secure
encryption schemes.

So while some startups might claim to be NSA snooping free, they don't control
the traffic while in transit; it's that middle layer that's fair game for the
NSA to tap into and store without anyone being any wiser.

Having said that I have seen tonnes of services start to capitalise on the
whole NSA fiasco, namely Duck Duck Go and their billboard ads propping
themselves up as a secure Google alternative. And while they might not store
searches, that doesn't stop the Government from doing it...

~~~
conformal
i think it's more like 10-20 years ahead, but point taken :)

~~~
DigitalSea
Yeah, I didn't know the exact figure. I just knew it was quite ahead of public
technology; it's quite a gap when you're talking about hardware, and scary as
well.

------
bredren
While there may be more opportunity in focusing specifically on privacy, our
startup, Gliph, has explored this space quite a bit. We built Cloaked Email
[0], which provides privacy over email. We also built a novel system for
connecting with people without revealing personal information. [1]

Focusing specifically on data privacy, we currently provide a robust cross-
platform secure messaging tool that allows users to turn off password reset.

Another startup to look at is Abine, though their solutions are not focused on
encryption.

I believe that all startups will need to take privacy into account and wrote
as much in a guest blog entry for TRUSTe titled "Make Privacy a Strategic
Asset for your Startup." [2]

[0] [http://lifehacker.com/5935180/gliph-creates-disposable-email-addresses-for-private-messages-and-encrypted-chats](http://lifehacker.com/5935180/gliph-creates-disposable-email-addresses-for-private-messages-and-encrypted-chats)

[1] [http://blog.gli.ph/2012/05/31/introducing-gliph-app-version-1-2-powerful-privacy-for-iphone/#lockdown](http://blog.gli.ph/2012/05/31/introducing-gliph-app-version-1-2-powerful-privacy-for-iphone/#lockdown)

[2] [http://www.truste.com/blog/2012/06/06/guest-blog-make-privacy-a-strategic-asset-for-your-startup/](http://www.truste.com/blog/2012/06/06/guest-blog-make-privacy-a-strategic-asset-for-your-startup/)

------
rsync
Happy Birthday, hoodoof - it already exists:

[http://www.rsync.net/resources/notices/canary.txt](http://www.rsync.net/resources/notices/canary.txt)

Actually I just reread the title. We've been doing this since 2001, so we're
_not_ a startup.

Never mind.
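
An added example, not rsync.net's own tooling or anything from the linked page: a monitor for a warrant canary of the kind linked above. A canary is a periodically re-signed statement that no warrant has been received, so the things worth checking automatically are that the statement is still present, that it was issued recently enough, and that the clearsign armor is there so the signature can be verified out of band. The canary text, the `Date:` field and the 120-day limit are constructed assumptions for the example.

```python
"""Warrant-canary liveness check (added example; constructed sample data)."""
import re
from datetime import date, datetime
from typing import List

MAX_AGE_DAYS = 120  # assumption: the operator promises to re-sign at least this often

# Constructed sample in the shape of a PGP clearsigned canary. The signature
# body is a placeholder; a real one must be verified with gpg against a key
# obtained out of band, which this script deliberately does not attempt.
SAMPLE_CANARY = """-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Date: 2013-06-24

As of the date above, no warrants have ever been served on this operator
and no searches or seizures of any kind have ever taken place.
-----BEGIN PGP SIGNATURE-----
(signature body elided in this constructed sample)
-----END PGP SIGNATURE-----
"""

DATE_RE = re.compile(r"^Date:\s*(\d{4}-\d{2}-\d{2})\s*$", re.MULTILINE)
STATEMENT_RE = re.compile(r"no warrants have ever been served", re.IGNORECASE)


def check_canary(text: str, today: date, max_age_days: int = MAX_AGE_DAYS) -> List[str]:
    """Return a list of problems; an empty list means the canary looks alive.

    These are structural checks only. A canary that was removed, that went
    stale, or whose statement changed should all page someone; a canary that
    is being kept alive under compulsion passes here, which is the limit of
    the mechanism.
    """
    problems: List[str] = []

    if ("-----BEGIN PGP SIGNED MESSAGE-----" not in text
            or "-----END PGP SIGNATURE-----" not in text):
        problems.append("missing clearsign armor: statement is unsigned or truncated")

    m = DATE_RE.search(text)
    if m is None:
        problems.append("no Date: line: cannot tell whether the statement is current")
    else:
        issued = datetime.strptime(m.group(1), "%Y-%m-%d").date()
        age = (today - issued).days
        if age < 0:
            problems.append(f"Date: {issued} is in the future")
        elif age > max_age_days:
            problems.append(f"stale: canary is {age} days old (limit {max_age_days})")

    if not STATEMENT_RE.search(text):
        problems.append("the 'no warrants' statement is absent: treat as a tripped canary")

    return problems


if __name__ == "__main__":
    for label, when in (("fresh", date(2013, 7, 1)), ("six months later", date(2014, 1, 1))):
        print(label, check_canary(SAMPLE_CANARY, when) or "OK")
```

Run it from cron against the fetched canary text and alert on any non-empty result; pair it with `gpg --verify` of the same file so a forged but well-formed canary is also caught.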

~~~
mvanveen
Doesn't this beg the question about larger issues, e.g. NSA man-in-the-middle
attacks? I think rsync.net's warrant canary is top-notch and a leading example
of a good privacy / transparency policy put into practice, but it's just one
piece of a much larger set of strategies, no?

Anyone presenting a silver bullet, much less circumstances where trust of
another entity is required, is somewhat dubious.

I think answers to said larger strategies are largely missing and the OP's
question is probably speaking to these as of yet outstanding issues.

~~~
rsync
Well, a deeper strategy would be to avoid a suspect technology (SSL, PKI in
general) and rely on something both simpler and (we think) more secure: SSH.

Unless your system is rooted, or the NSA is building backdoors into _all_
operating systems, you have good assurance about the safety of your SSH
connection.

So, setting aside our firm for a moment, the general case would be a rational
endpoint that you control (maybe us, maybe S3, whatever), a secure channel
(SSH) and good encryption tools (duplicity, git-annex[1], hashbackup,
truecrypt).

So while I _was_ being flip in my original response to the OP, I am now
seriously proposing that this all already exists and can be procured from many
different providers - a lot of whom can and should be considered "nsa
friendly" or even outright hostile.

[1] [http://git-annex.branchable.com/encryption/](http://git-annex.branchable.com/encryption/)

~~~
hoodoof
It's fairly easy isn't it to get access to the hard disk of a hosted machine?

------
pallavkaushish
SmartSignin ([https://smartsignin.com](https://smartsignin.com)) is a young
startup and has been focusing on privacy and security since its inception.
Most of the security conscious people won't trust any Single Sign-On
application as they have single point of failures but with SmartSignin there
is no single point of failure. We are so sure about our technology that we
even guarantee you 100% privacy and security (literally!!).

How do we do it? Firstly, we follow client side encryption. Secondly, we don't
store anything in plain text on our server, everything is encrypted (actually
we hardly store anything). Thirdly, with the help of our patent pending
SmartKey technology we are able to manage encryption keys so effectively that
even if a hacker gets into our server he will only find junk and useless data
which he won't be able to use.

We have something apart from the password called a cryptphrase which is required to
login and it helps in generating the private key of the user to decrypt his
data. As only the user knows the cryptphrase, no one apart from the user can see
his data, thus giving him complete privacy. Nobody, not even the NSA or people at
SmartSignin, can see the critical information of users. And if you think we are
bluffing check the following post: [http://blog.smartsignin.com/how-to-troll-nsa-and-take-complete-control-of-your-privacy/](http://blog.smartsignin.com/how-to-troll-nsa-and-take-complete-control-of-your-privacy/)

It might look cocky if we say we are hackproof but theoretically we are.

Check us out. :)
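
An added example, not SmartSignin's code (their SmartKey scheme is patent pending and not described here): the generic client-side pattern the comment above describes, where a passphrase ("cryptphrase") is the only secret. The client derives two independent subkeys from it, one that is sent to the server as the login credential and one that never leaves the client and decrypts the data, so the server holds nothing that yields the data key. The function names, the `auth`/`data` labels and the PBKDF2 work factor are assumptions for the example. The last function shows the caveat any reviewer would raise about "junk on the server": the server record contains everything needed for offline guessing, so the whole scheme is only as strong as the cryptphrase.

```python
"""Passphrase-only client-side encryption: key separation and its limit
(added example with assumed names and parameters)."""
import hashlib
import hmac
import secrets
from typing import Dict, Iterable, Optional, Tuple

KDF_ITERATIONS = 100_000  # assumption: PBKDF2-HMAC-SHA256 cost; tune to the client device


def derive_root(cryptphrase: str, salt: bytes) -> bytes:
    """Slow KDF over the cryptphrase. Runs on the client only."""
    return hashlib.pbkdf2_hmac("sha256", cryptphrase.encode("utf-8"), salt,
                               KDF_ITERATIONS, dklen=32)


def subkey(root: bytes, purpose: bytes) -> bytes:
    """Domain-separated subkey: knowing one subkey reveals nothing about another."""
    return hmac.new(root, purpose, hashlib.sha256).digest()


def enroll(cryptphrase: str) -> Dict[str, object]:
    """Client-side enrollment. Only 'server_record' is ever uploaded."""
    salt = secrets.token_bytes(16)
    root = derive_root(cryptphrase, salt)
    auth_key = subkey(root, b"auth")   # presented to the server at login
    data_key = subkey(root, b"data")   # stays on the client, encrypts user data
    server_record = {
        "salt": salt,
        # The server stores a hash of the credential, never the credential,
        # and never sees root or data_key.
        "auth_hash": hashlib.sha256(auth_key).digest(),
    }
    return {"server_record": server_record, "client_data_key": data_key}


def login(cryptphrase: str, server_record: Dict[str, bytes]) -> Tuple[bool, Optional[bytes]]:
    """Client re-derives both subkeys; the server only checks auth_key."""
    root = derive_root(cryptphrase, server_record["salt"])
    auth_key = subkey(root, b"auth")
    presented = hashlib.sha256(auth_key).digest()  # what the server computes on receipt
    if not hmac.compare_digest(presented, server_record["auth_hash"]):
        return False, None
    return True, subkey(root, b"data")


def offline_guess(server_record: Dict[str, bytes], candidates: Iterable[str]) -> Optional[str]:
    """The caveat: whoever holds the server record (a breach, or the operator
    under compulsion) has the salt, the KDF parameters and the verifier, so a
    weak cryptphrase falls to offline guessing and then yields the data key."""
    for guess in candidates:
        ok, _ = login(guess, server_record)
        if ok:
            return guess
    return None


if __name__ == "__main__":
    rec = enroll("correct horse battery staple")
    ok, key = login("correct horse battery staple", rec["server_record"])
    print("login ok:", ok, "data key recovered:", key == rec["client_data_key"])
    print("offline guess found:", offline_guess(rec["server_record"], ["password", "correct horse battery staple"]))
```

The point of the separation is that a compromised or subpoenaed server cannot decrypt anything directly; the point of `offline_guess` is that this guarantee is conditional on the cryptphrase surviving a dictionary attack at the chosen KDF cost, which no server-side design can fix.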

------
lsiebert
It's not the U.S. Government you really have to worry about. It's
transnational corporations. You pass a law saying that the U.S. Government
can't do the NSA firehose drinking, it stops.

To stop a corporation you have to consider its relationship with other
companies. Can it get the same info by having a subsidiary or partner
elsewhere? So then you ban it from receiving such information in the US. So it
moves outside the US, and still does it.

And all the time that their vast databases are generating revenue they have a
firehose. Not of data, but of money for lobbyists, campaign contributions,
think tanks, advisers to NGOs and international trade groups, and so on.

And it's not enough for you to say no, even if all the above is true. Your
friends want to post a pic of you to facebook. Metadata about everyone you
know is also metadata about your interactions with them.

Or heck, maybe you want to say no, but you can't. Your company says you have
to friend them as part of your contract.

And I am sure that isn't all the scenarios.

Protection from corporations is where the privacy boom is going to be. Privacy
will be something you have to afford. There will be free, targeted ad
supported services, perhaps even locked down proprietary devices, and they
will be lauded for how they help the poor get online.

Oh and once that data is out there, saying it's anonymous but being able to
identify you from your browser profile or whatever, it's never going to be
deleted.

------
mvanveen
A "snoop free alternative" demands a transparent implementation that can be
verified. Otherwise, how can we trust the claims of being "snoop free"?

The extent that we can verify a system is the extent to which we can trust it.

This makes me think that free/open source software solutions are going to
become an integral piece of whatever solution such companies are attempting to
offer.

Going a bit further on the idea of verification, I'm curious why there aren't
any organizations or companies I'm aware of which are dedicated to providing
this sort of verification of open source systems out in the wild. Is it just
that most of the talent for this capability is sequestered into the infosec
consulting market, for example, or does it have to do with the difficulty of
actually verifying said systems? Are all of these entities instead focusing on
the offensive and just selling off 0day exploits?

~~~
avifreedman
Finding the problems with FOSS (or really any body of closed or open source or
object code) usually requires at least challenging assumptions (not "oh yeah I
sort of see what's going on" but digging in) or real creativity.

The thing that seems to drive that is profit or geek-respect motive, so the
folks doing said verification would need to be probably not your average bear
doing a job or even person pretty interested but multitasking.

I think it'd be hard to find and manage such a work and/or volunteer force at
scale well enough to really think that a creative and hard-core security
review had been accomplished.

------
kyzyl
Well I can't say for sure about anything strictly US based, but up here in
Canada I happen to know of one effort that is underway to move large corporate
clients to a more private setup.

Apologies for being cryptic, but I can't say much more than that. I can say it
has big backing, and is designed to take advantage of the fact that Canada's
privacy laws haven't quite degraded to where we're in a situation like the US.
Not quite yet. The hope is that by doing things somewhat more 'right' now--
ahead of the legal curve--down the road clients _may_ not end up in as tight a
situation as they are in the US legal framework.

But, yes, people are working on it.

~~~
conformal
i would not count on the canadian government not running a system that is
substantially similar to the usg. intelligence services often aren't concerned
with laws, so expecting legal protection matters is a very much misguided
path.

~~~
kyzyl
Sorry for the delay. I agree. If a powerful government wants to get something,
it generally will get it. However, I think there are a couple of small
differences here:

1. This venture is backed by a _private_ fibre network. This means that all
(most) of the traffic for these large clients will still be very accessible
nationwide, but will not be subject to internet backbone taps (within Canada
or otherwise).

2. Canada's legal system is still a ways away from the US, although Harper is
trying his damnedest to change that. To my knowledge, it's still significantly
harder to obtain legal wiretaps, especially _blanket_ wiretaps, than it is in
the US. Naturally, legal systems can change, but for now people are trying to
work within the system and stay ahead of the curve.

3. Again, a private network. This means that even in the eventuality that
intelligence services were doing illegal surveillance, it's a bit harder for
them to access the network without the companies and their clients knowing.

That said, if Canada keeps going in the direction it is going, it probably
won't matter. I'm just mentioning that people are indeed trying something in
this space. Like all ventures, they are by no means guaranteed success.

------
samspenc
A friend of mine told me about Unsene:
[https://unsene.com/](https://unsene.com/)

They are a chat service that does in-browser encryption of messages.

They have an Indiegogo project: [http://www.indiegogo.com/projects/unsene-secure-and-private-chat-calls-and-photo-and-file-sharing](http://www.indiegogo.com/projects/unsene-secure-and-private-chat-calls-and-photo-and-file-sharing)

(I am NOT affiliated with the project, but have played with it and heard about
it from a friend who knows some of the people working there.)

~~~
tptacek
Unsene is comical.

[http://unsene.com/blog/2013/06/15/is-most-encryption-broken/](http://unsene.com/blog/2013/06/15/is-most-encryption-broken/#awesm=82ef32ff7c8b689b8139ce2c1bfd0da4)

"4096-bit XAES", and 2048 bit RSA.

------
chadkruse
Thanks for asking the question and interested in the discussion, but something
tells me the startup community is going to be relearning the dynamics of
"regulatory risk" with this one.

Move fast.

~~~
hoodoof
I don't understand, can you explain?

~~~
_sh
Perhaps that any attempt to subvert snooping by the government will simply be
made illegal?

~~~
hoodoof
Maybe the startup opportunities will now be in Europe.

Perhaps the silicon valley capital will see the scale of the opportunity and
fund euro companies that can live outside the U.S regulatory domain.

~~~
chadkruse
Was mainly commenting that we don't know how THE MAN will react. New Congress soon,
new President soon enough...all could quickly change and new legislation could
kill/amplify any business going after this "problem". Maybe it's systemic and
ripe for disruption. Maybe Bernie Sanders will have a smackdown this week and
the privacy issue is moot. We don't know what lawmakers might do = regulatory
risk.

Was just suggesting investors might use that lens...if that's the route a
startup takes.

~~~
Torkild
Elections never truly change anything though.

~~~
hoodoof
Companies with hundreds of billions in cash in the bank do change things.

------
snikch
I’m surprised nobody has mentioned Kim Dotcom’s Mega yet.

[https://mega.co.nz/#privacycompany](https://mega.co.nz/#privacycompany)

------
syassami
Over at [http://curvechat.com/](http://curvechat.com/) we are
developing custom communication protocols using vetted cryptography practices
and collaboration from
[http://cryptocode.com/about.html](http://cryptocode.com/about.html)

Right now we focus on private solutions but may make the transition to more
public options soon.

------
ekianjo
The thing is, even non-US governments appear to be snooping on their people
and companies (as we have learnt, following the NSA scandal), so I am not sure
whether there is really a safe haven out there. And as someone else said,
governments make laws, and can declare it illegal to prevent snooping from their
secret agencies. The best you can do is use strong encryption, but even that is
not 100% sure to be enough.

------
enterthemist
We are working on a simple end-to-end encrypted email solution with the
encryption being nearly completely transparent to the user (i.e. simple enough
for the average person to use). Furthermore, with our solution, if the
government ordered us to help, we couldn't. Even more, if they steal your
computer, plant malware, or do any number of other shady tactics they won't be
able to access your email.

~~~
bigiain
Don't under-estimate rubber hose cryptography.

I'm under no doubt whatsoever that if the NSA show up and grab all my
hardware, and wave their $5 wrench menacingly, I'll give them all the
keys/passphrases they ask for.

I'm "sure enough" though, that they can't read my EncFS/GPG/TrueCrypt
protected data without me knowing about it. Not even the data synced to
Dropbox/GoogleDrive/Jottacloud.

~~~
enterthemist
> I'm under no doubt whatsoever that if the NSA show up and grab all my
> hardware, and wave their $5 wrench menacingly, I'll give them all the
> keys/passphrases they ask for.

True enough, but we could also implement a duress code which would wipe data
of your choosing and unlock the rest. There has also been some research into
learned passwords (passwords which you don't consciously know, but rather exist
in a mannerism of yours. e.g. the path your eyes take when trying to read some
lines of code). That aside, no solution today protects against this including
your truecrypt partition.

> I'm "sure enough" though, that they can't read my EncFS/GPG/TrueCrypt
> protected data without me knowing about it.

If they plant malware on your computer (without you knowing about it) would
you still be so sure?

------
paulrademacher
The real opportunity here is probably in the other direction: companies to
feed the U.S. government's insatiable appetite for private data.

~~~
hoodoof
So perhaps all startups should include in their pricing table a "Direct
feed/backdoor" option (*only available to NSA) for millions of dollars?

~~~
DigitalSea
It's a morally bad idea, but from a business plan perspective a really good
idea if anyone were to do such a thing...

~~~
bdcravens
Never ending demand, and practically limitless budget - sounds like the
perfect customer.

------
olegp
At StartHQ ([https://starthq.com](https://starthq.com)) we've added the
country and hosting company, as well as a list of alternatives, to every SaaS
provider in our directory. So, while we're still hosted on Amazon in the US
ourselves, we are helping users find snoop free alternatives to services
they're using today.

------
hoodoof
Perhaps a set of carefully thought out assertions/documentation that suppliers
are required to sign to guarantee their services are not monitored. Maybe
there is a commercial opportunity in facilitating that.

~~~
avifreedman
For havenco.com we are thinking that a cooperating group of privacy-concerned
service operators could audit each others' assertions. The specific concern is
that it's really untested whether one could be compelled legally to keep
updating warrant canaries. However, external auditing, if it can be done
without compromising the security or privacy of the systems at hand, could give
an extra level of certainty that the provider is trustworthy on the claims that
they are certifying.

For modern devops-y infrastructure deployed from repositories of code and
configs, it should be doable to have some level of auditing that the
infrastructure as deployed represents the desired config state.

That is how Akamai, for example, ran/runs its ESSL network - auditing that the
deployed machines are per config, no local disk logging or core dumping,
auditing before keys are deployed to let machines come into the system. Yes,
there are also cameras and intrusion detection on the cabinets but it's really
the software layer that provides the security.

And now with chef, puppet, salt, cfengine, etc. it is probably possible to
build something to bring this level of auditing to almost any modern web
service.
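
An added example, not Akamai's or havenco.com's tooling: the smallest useful form of the "deployed state matches the repository" audit described above. A manifest of expected SHA-256 hashes is produced from the configuration as committed; the auditor recomputes hashes on the deployed host and reports files that were modified, that are missing, and that appeared without being in the manifest (a stray core dump or log file, which is exactly what the no-local-logging, no-core-dumps policy mentioned above is trying to catch). The directory layout, file names and contents are constructed for the example.

```python
"""Deployed-configuration drift audit against a repository manifest
(added example; the sample tree is constructed in a temp dir)."""
import hashlib
import tempfile
from pathlib import Path
from typing import Dict, List


def sha256_file(path: Path) -> str:
    """Streaming SHA-256 so large files don't need to be loaded whole."""
    h = hashlib.sha256()
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def build_manifest(root: Path) -> Dict[str, str]:
    """Run at build time from the repo checkout: relative path -> expected hash.

    The manifest must reach the auditor over an authenticated channel (signed
    in the repo, or shipped with the deploy); an unsigned manifest on the host
    can be edited by whoever edited the files."""
    return {
        str(p.relative_to(root)): sha256_file(p)
        for p in sorted(root.rglob("*"))
        if p.is_file()
    }


def audit(root: Path, manifest: Dict[str, str]) -> Dict[str, List[str]]:
    """Run on the deployed host: compare what is on disk with the manifest.

    Caveat: this runs on the host being audited, so a rooted host can lie to
    it; it catches drift and mistakes, not a kernel-level adversary."""
    actual = build_manifest(root)
    return {
        "modified": sorted(k for k in manifest if k in actual and actual[k] != manifest[k]),
        "missing": sorted(k for k in manifest if k not in actual),
        "unexpected": sorted(k for k in actual if k not in manifest),
    }


def demo() -> Dict[str, List[str]]:
    """Constructed scenario: sshd_config is weakened, remote logging is
    removed, and a core dump appears on a host that should never keep one."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "etc").mkdir()
        (root / "etc" / "sshd_config").write_text("PasswordAuthentication no\n")
        (root / "etc" / "rsyslog.conf").write_text("*.* @@logs.internal:6514\n")
        manifest = build_manifest(root)          # what the repo says should be deployed

        (root / "etc" / "sshd_config").write_text("PasswordAuthentication yes\n")
        (root / "etc" / "rsyslog.conf").unlink()
        (root / "etc" / "core.12345").write_bytes(b"\x7fELF")
        return audit(root, manifest)


if __name__ == "__main__":
    for category, paths in demo().items():
        print(f"{category:10s} {paths}")
```

In a real deployment the manifest would be generated by the same pipeline that renders the chef/puppet/salt/cfengine output, signed, and checked by a reviewer who is not the host's administrator, so that the audit and the deploy do not share a single trusted party.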

------
Kiro
The privacy boom won't happen, sorry. Most people have already forgotten about
the NSA snooping.

But anyway, here you go: [https://heml.is/](https://heml.is/)

------
replax
A friend just told me about zenmate.io; however, I don't see their advantage
over a VPN, aside from that it's free for now. Big drawback: you don't control it,
so you have to trust them with security.

------
benwerd
At latakoo ([http://latakoo.com](http://latakoo.com)) we're building video
codecs with built-in strong encryption, for enterprise use.

------
avifreedman
havenco.com just released a web site for its relaunch. First services (coupon
codes going out starting next week) will be VPN with web proxy today and then
adding a Tor-like but commercially supported option, and storage with plans
that include combined storage in S3-compatible buckets as well as private LAFS
clusters. Distributed hosting in a secure way to support private mail, IM,
RSS, discussion, and other apps is on the table after that.

------
delimitted
We have been working on HushTunnel since SOPA.

