It’s finally starting to be a thing that not every single cloud service needs to own a copy of the data that their customers create.
This is recently a feature that a lot of people are interested in, due to repeated attacks on people’s privacy from both government and non government sources.. Even if you trust that your government will never abuse their power, if critical data exists in compromisable form, we all saw last year that even high profile apple icloud users were not safe from some creep with a bit of social engineering expertise.
The only real solution other than never creating any digital data you wouldn’t be happy for the whole world to see seems to be full end to end encryption. But full end to end encryption is hard.
Spideroak has been pushing the zero-knowledge barrow for a long time now, and serving a market of, well, non mainstream people mostly. While starting to work out a reusable API based encryption service for other businesses to include their technology.
But This new rollout of end to end security from gen-y and millennial text message replacement app whatsapp takes the communications between around a billion people worldwide completely undercover, in a single software update.
Of course the technology for attacking private people’s devices is as capable as ever, so people that are specifically targeted for monitoring probably won’t be able to communicate in private still… But having the main store of user data completely inaccessible to the company that facilitates it removes the ability for industrial scale data theft, which is a very large and very dangerous vulnerability for the ordinary day to day users of most connected services now.
As the IoT data flow grows and grows, and more and more homes start to have connected devices that measure something or other, and each device communicates its data back to some arbitrarily secured server via some arbitrarily secured transport, the IoT field has an enormous scope for misuse. Not just for constant surveillance, but for malicious activity of connected devices in a person’s home. Baby monitor hacks are just the beginning.
Now whatsapp has shown the way for a massively multi user application to go private, and it’s pretty obvious to expect that people will see this and start to expect the same kind of protections everywhere else, including IoT products.