Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk

6/27/2011
02:08 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Certivox Rolls Out Secure Information Exchange For The Cloud

PrivateSky secures Web-based messaging, including Google Mail, Hotmail, Facebook

SAN FRANCISCO, Calif., June 22, 2011 - CertiVox today revolutionized secure information exchange for the cloud with the launch of PrivateSky, a service that allows anyone to quickly and easily secure their web-based messaging - including Google Mail, Hotmail, Facebook and others - and confirm the identity of the sender for messages they receive without using usernames, passwords, certificates or complex workflows. Offering unprecedented simplicity and ease of use, CertiVox's free PrivateSky Connectors for Microsoft Silverlight and Internet Explorer and breakthrough PrivateSky service virtually eliminate the threat posed by phishing and spear phishing attacks by delivering all the privacy, authentication, message integrity and non-repudiation benefits of military-grade AES encryption.

Unlike today's public/private key-based encryption systems, CertiVox's innovative cryptographic technology requires only one key and recipients do not have to be pre-registered with the PrivateSky service to receive protected messages. With the PrivateSky Internet Explorer Connector installed, anything typed into any web page text entry box - including all social networking and blog posts and comments, forum entries, web-based email messages and more - for any recipient can be uniquely encrypted with a single click.

"We are offering the PrivateSky service free to individuals to improve information security in an area that has not been well served until now," said Brian Spector, founder and CEO of CertiVox. "The individual's right to protect their data on the web has been ignored by the security industry and, as a consequence, now is being abused by attackers, unscrupulous governments and questionable business people.

"Until now, only large enterprises and governments have been able to adopt the complex and expensive techniques required to secure information exchanges. CertiVox's breakthrough key distribution technology means that individuals, from their browsers, now have access to the same sophisticated information security techniques used by governments and the military. And it's free."

According to Spector, the recent spear phishing attack against senior officials at the U.S. Department of State and the White House never would have happened had they been using the PrivateSky service in conjunction with their Google Mail accounts. It would have been immediately obvious that the messages they received did not come from the indicated sender, and were therefore suspect. Further, if the accounts had been compromised in some other manner, the encrypted content of the emails would have been secured from attackers.

The PrivateSky platform as a service employs CertiVox's innovative non-interactive key agreement technology which provides end-to-end encryption by issuing the user only one key, called a Sky Key. Unlike the public/private key protocol, which requires two keys for each user and a complex PKI infrastructure for encryption key distribution, the Sky Key enables the PrivateSky service to address privacy, authentication, integrity and non-repudiation without any of the usual complexity, cost or management overhead.

The PrivateSky service also is capable of delivering its secure information exchange services to a much broader range of applications and compliance-based communications including:

* Global enterprises sending EDI supply chain information between applications over unsecured online links * Online retailers using low-cost, point-to-point encryption solutions for PCI compliance * Government agencies providing citizens with private and or critical information * Investment bankers and lawyers communicating with clients about a highly sensitive merger or public offering * ISV's developing applications that handle and process sensitive information or performance data for real-time systems * SaaS providers operating securely "in the cloud" to meet compliance requirements and meeting their customers concerns over security The PrivateSky service uses the AES 192-bit encryption standard, and complies with European Data Protection Directive 95/46/EC.

Availability and Pricing The PrivateSky Connector for Internet Explorer is available now for free download and use at the PrivateSky website, http://www.responsetrack.net/lnk/privatesky/1eczl/?17QWP003KEL. Internet Explorer is the first of several popular browsers to be supported by the PrivateSky service, and additional Connector plug-ins are planned.

About CertiVox CertiVox develops and markets technology and services that enable everyone to secure their information exchanges simply and easily. Through its pioneering use of non-interactive key distribution, CertiVox's on-demand key generation and management service can provide ISVs and SaaS providers with the security backbone they need to achieve end-to-end secure information exchange for a broad array of cloud-based applications. Building upon this infrastructure, CertiVox has created PrivateSky, the first end-to-end secure information exchange service for the Web 2.0 world, for individuals and companies needing to secure their information exchanges over the Internet. CertiVox has headquarters in San Francisco and London, and is funded by Pentech Ventures and Octopus Ventures. For more information, visit http://www.responsetrack.net/lnk/certivox/1eczm/?17QWP003KEL.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Manchester United Suffers Cyberattack
Dark Reading Staff 11/23/2020
As 'Anywhere Work' Evolves, Security Will Be Key Challenge
Robert Lemos, Contributing Writer,  11/23/2020
Cloud Security Startup Lightspin Emerges From Stealth
Kelly Sheridan, Staff Editor, Dark Reading,  11/24/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-27218
PUBLISHED: 2020-11-28
In Eclipse Jetty version 9.4.0.RC0 to 9.4.34.v20201102, 10.0.0.alpha0 to 10.0.0.beta2, and 11.0.0.alpha0 to 11.0.0.beta2, if GZIP request body inflation is enabled and requests from different clients are multiplexed onto a single connection, and if an attacker can send a request with a body that is ...
CVE-2020-29367
PUBLISHED: 2020-11-27
blosc2.c in Blosc C-Blosc2 through 2.0.0.beta.5 has a heap-based buffer overflow when there is a lack of space to write compressed data.
CVE-2020-26245
PUBLISHED: 2020-11-27
npm package systeminformation before version 4.30.5 is vulnerable to Prototype Pollution leading to Command Injection. The issue was fixed with a rewrite of shell sanitations to avoid prototyper pollution problems. The issue is fixed in version 4.30.5. If you cannot upgrade, be sure to check or sani...
CVE-2017-15682
PUBLISHED: 2020-11-27
In Crafter CMS Crafter Studio 3.0.1 an unauthenticated attacker is able to inject malicious JavaScript code resulting in a stored/blind XSS in the admin panel.
CVE-2017-15683
PUBLISHED: 2020-11-27
In Crafter CMS Crafter Studio 3.0.1 an unauthenticated attacker is able to create a site with specially crafted XML that allows the retrieval of OS files out-of-band.