SafeSlinger is the product of research at Carnegie Mellon's CyLab.
According to the university, it provides the same level of messaging security as PGP, only it makes the key exchange process for encrypted communications simpler.
"When exchanging keys, you only need to compare one number and one three-word phrase with other users. When doing this comparison, you must be able to either see the other user's phone screen or hear the number and phrases spoken so you can verify the physical presence of the other user," SafeSlinger explains on its FAQ page. In other words, the way to remotely exchange keys is by making a phone call.
SafeSlinger's server is implemented on Google's App Engine, where it exchanges encrypted contact and message data.
SafeSlinger hasn't quite got all the features of a current social IM application. At the moment, there's no group messaging and users can only add one attachment to a message at a time.
SpiderOak offers a cloud storage and backup service that lets users encrypt their files on the fly before storing them in its cloud.
SpiderOak is available for free with 2GB storage, or for $10 a month for 100GB space.
The company's product Hive, which is included in the SpiderOak installation, provides a drop folder for files the user wants synced across mobile and desktop devices. Like Dropbox, it offers document versioning and users can share files with friends via a link from Hive.
SpiderOak claims to offer a "zero knowledge" environment that differs from other cloud providers that only encrypt data during transmission, but not while at rest on their servers. In contrast, files stored on SpiderOak's servers are encrypted, which should mean its staff can't read them even with physical access to the system.
The company also doesn't have access to the user's password, which means there's no password reset option. There is, however, a password hint that the user can set.
According to SpiderOak, it encrypts with AES256 in CFB mode and uses HMAC-SHA256.
"SpiderOak uses a nested series of key scopes: a new key for each folder, version of a file, and the individual data blocks that versions of files are composed from. Having keys with such limited scope allows for selective sharing of chosen portions of your data while keeping the remainder private.
"Most importantly, however, the keys are never stored plaintext on the SpiderOak server. They are encrypted with 256-bit AES, using a key created from your password by the key derivation/strengthening algorithm PBKDF2 (using sha256), with a minimum of 16384 rounds, and 32 bytes of random data ("salt").
"This approach prevents brute force and pre-computation or database attacks against the key. This means that a user who knows her password can generate the outer level encryption key using PBKDF2 and the salt, then decipher the outer level keys, and be on the way to decrypting her data. Without knowledge of the password, however, the data is unreadable."
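The key scoping SpiderOak describes can be sketched as follows. This is an added example, not SpiderOak's code: the record layout and all function names are hypothetical, and an HMAC-SHA256 keystream stands in for AES-256-CFB so the sketch runs on the Python standard library alone.

```python
import hashlib, hmac, os

ROUNDS, SALT_LEN = 16384, 32  # minimum rounds and salt size from the quoted text

def derive_outer_key(password: str, salt: bytes) -> bytes:
    """Password + salt -> 32-byte outer key via PBKDF2-HMAC-SHA256."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ROUNDS, dklen=32)

def _prf(key: bytes, data: bytes) -> bytes:
    return hmac.new(key, data, hashlib.sha256).digest()

def _xor_stream(key: bytes, nonce: bytes, data: bytes) -> bytes:
    # Assumption: HMAC-SHA256 keystream stands in for AES-256-CFB (stdlib only).
    stream = b"".join(_prf(key, nonce + bytes([i])) for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, stream))

def wrap(kek: bytes, inner_key: bytes) -> bytes:
    """Encrypt-then-MAC one key under the key one scope above it."""
    nonce = os.urandom(16)
    ct = _xor_stream(_prf(kek, b"enc"), nonce, inner_key)
    return nonce + ct + _prf(_prf(kek, b"mac"), nonce + ct)

def unwrap(kek: bytes, blob: bytes) -> bytes:
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, _prf(_prf(kek, b"mac"), nonce + ct)):
        raise ValueError("wrong key or tampered record")
    return _xor_stream(_prf(kek, b"enc"), nonce, ct)

def make_record(password: str):
    """Build what a server would hold: salt and wrapped keys only."""
    salt = os.urandom(SALT_LEN)
    folder_key, version_key = os.urandom(32), os.urandom(32)
    record = {"salt": salt,
              "folder": wrap(derive_outer_key(password, salt), folder_key),
              "version": wrap(folder_key, version_key)}
    return record, folder_key, version_key

def open_version_key(password: str, record: dict) -> bytes:
    """Walk the scopes downward: password -> outer key -> folder key -> version key."""
    outer = derive_outer_key(password, record["salt"])
    return unwrap(unwrap(outer, record["folder"]), record["version"])

if __name__ == "__main__":
    rec, folder_key, version_key = make_record("constructed sample passphrase")
    assert open_version_key("constructed sample passphrase", rec) == version_key
    # Sharing only folder_key opens that folder's version key without the password.
    assert unwrap(folder_key, rec["version"]) == version_key
```

The stored record holds no password and no plaintext key, which is why a forgotten password cannot be reset: without it the outer key cannot be rederived and every unwrap below it fails.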