by turtledragonfly 1281 days ago
I am wary of any company's claims of end-to-end encryption[1], especially when I have no experience with them. That being said, I think open-source is the right path. If I can compile the client myself, locally, and audit the code myself, that's a good first step. Perhaps even better would be for the data PUT/GET to be via an API, and I can bring my own client if I want. Then, the encrypted data is truly just an opaque blob from the service provider's POV. But you might as well be Google Drive at that point, no?

I haven't looked into the product much; I'm assuming that the server side is more than storage for opaque blobs. The less it is that, the less I can fully trust that my data is safe in their hands. And even if it's not my own secrets, but maybe some metadata (expiration times?), that is also sensitive data that would best not be leaked.

This is actually one space where I think certifications can be meaningful — such as FIPS, for the case of the US Federal Gov't. They tend not to mess around with security, so I trust that a little bit more (NSA backdoors notwithstanding).

[1] I remember when Zoom claimed that their video conferences were "end-to-end encrypted", and when it came out that they were not, they apologized, saying something along the lines of "we're sorry for any confusion we caused — when we used that term we meant XYZ, but we understand how some people could have interpreted it as ABC." So, in other words, they lied, used a well-established industry term to mean something else, and when caught in their lie, minced words to say "oh when we said _this_ we really meant _that_." Big frown from me.

1 comment

This is totally valid! And that's why we decided that Infisical should be open-source. As you said, you can inspect everything yourself, and even self-host it, for an even greater level of certainty. Infisical is by default end-to-end encrypted with exceptions for a couple of integrations (Vercel/Heroku). This is because it is impossible to preserve end-to-end encryption there at the moment - this will be possible with custom integrations in future. We try to be very open about this with users (we mention it both in the app and in the docs multiple times).

Certifications are definitely important, and we're actively thinking of that.