The MIT Technology Review suggests that 2014 is “The Year of Encryption.”
- Yahoo encrypted its email service.
- Google now encrypts search terms.
- Microsoft says it will encrypt all the data to and from its networks by the end of 2014.
The technology projects director at the Electronic Frontier Foundation (EFF) says that encryption on the Internet is “expanding enormously.”
The EFF has asked companies in its “Who Has Your Back” Program to identify what they’re doing to bolster encryption in light of the NSA’s unlawful surveillance of private email communications.
The EFF reports that eight companies are implementing five out of five of their best practices for encryption.
These companies are:
- Dropbox
- Microsoft
- Sonic.net
- Spider Oak
- Yahoo
The EFF best practices are:
- Encrypt data center links
- Support https
- https strict (hsts)
- forward secrecy
- starttls
The EFF’s encryption advocacy is aimed at protecting against unauthorized government surveillance:
By adopting these practices… these service providers have taken a critical step towards protecting their users from warrantless seizure of their information off of fiber-optic cables. By enabling encryption across their networks, service providers can make backdoor surveillance more challenging and require the government to go to courts and use legal process.
The EFF’s Surveillance Self Defense (SSD) Project
exists to answer two main questions: What can the government legally do to spy on your computer data and communications? And what can you legally do to protect yourself against such spying?
The SSD has some useful information about defensive technologies, including encryption and the avoidance of malware.
Of course, encryption can also help protect against extra-governmental hacking and data theft.
The problem is that encryption with the existing inadequate tools is like jumping off a sinking ship with a leaky life preserver. It’s better than nothing, but you know it’s not going to protect you for long.
What’s needed is a whole new paradigm for data encryption – one based on dynamic rather that static encryption.
PACid’s five levels of data security provide game-changing technology for making data theft a thing of the past.