And when I decide to share it, you can rest assured I won’t do it on the upload site MEGA using the Silent Circle app on my iPhone.
If I sold you a lock and key for twenty dollars, and told you that no-one in the world would be able to unlock it except you, would you believe me? Probably not. And that’s the analogy I keep thinking of as a result of the recent launches of two services that are supposedly going to revolutionize privacy and file transfers. You may have already heard of one of these services; the infamous Kim Dotcom whose MegaUpload file sharing empire was taken down when he was arrested last year launched MEGA last month. One of the cleverest things about the new service is probably the hilarious domain name “mega.co.nz”, because the basic idea behind MEGA is simply that, as they themselves put it: “All files stored on MEGA are encrypted. All data transfers from and to MEGA are encrypted” adding that “unlike the industry norm where the cloud storage provider holds the decryption key, with MEGA, you control the encryption“. This is all fine and dandy from a basic technical standpoint, but what about the human element? As the hilarious XKCD five dollar wrench gag points out, there’s a level where massive encryption simply becomes irrelevant. I mean, it wasn’t only the technology that tripped up alleged Anonymous member Higinio O.Ochoa when he got collared by the FBI, it was pride. And his girlfriend’s breasts. And it wasn’t rubber-hose cryptanalysis that allegedly broke LulzSec leader Sabu, it was the threat of never seeing his kids again. So – including human nature as an element in the equation, could you logically trust a guy who looks and dresses like this to be selling you a trustworthy product that only has your best interests in mind? Likewise with a service that was getting some spin yesterday called Silent Circle. No, not the band Silent Circle, the app developer of tools like Silent Phone. The service promises to revolutionize mobile privacy. Some of the most impressive names in security and encryption are involved, and they swear that they will not bend to the feds when the feds inevitably get uppity about what this service actually does. But hold on. One of the developers is a former Navy SEAL. You don’t have to be wearing a tinfoil hat to ask how that is supposed to make you feel confident that the US government doesn’t have a backdoor into the service, do you? Personally, if I want to share a secret safely, I don’t think I’d do it through total strangers.