David Mark

@dm5738

Can We End Data Exploitation in Google and Facebook?

One Company Believes They Can

In the age of WhatsApp, Signal, and other messaging apps, questions over data security or sharing have arisen. True, apps like WhatApp and Signal boast end to end encryption, chances are your data is being used in a variety of ways.

One indication that WhatsApp (owned by the now bad boy of user data -Facebook) utilizes its users’ data is that it has rolled out an ads platform. If data was not being culled from messages to enhance targeting I think I and many others would be shocked.

But It’s Encrypted — So Why Are You Worrying?

WhatsApp and Signal and Google may be encrypted between sender and receiver, but the data is actually stored on the phone and this data is not encrypted, which leaves a back door to either the app itself using the data to sell to others or hackers breaking in to take your data.

So is there a solution?

The answer is yes.

I came across an excellent startup that called UseCrypt which is an Israeli-Polish Initiative that offers a complete secure messaging app.

Why is UseCrypt different? Unlike other messengers or email services like Gmail, UseCrypt utilizes the cloud, but houses the messages in an encrypted state that only the specific user has access to. This means no issues of data on the phone and no access by-design for companies to use the data for nefarious purposes.

UseCrypt messenger employs several different types of encryption to secure text messages and voice calls. Text is encrypted with TextSecure algorithm, whereas voice calls are encrypted with ZRTP protocol. Both protocols are reinforced with AES-256.

The person’s device (phone) establishes an unencrypted connection through the proxy server. Then, a separate key for a particular session is generated and negotiated using ZRTP protocol (Zimmermann & Real-time Transport Protocol). The ZRTP protocol allows MITM attack detection by displaying short word strings. Users should compare those word strings by talking and asking each other what is displayed on the screens. ZRTP protocol itself does not need a server but due to the nature of data exchange, the app uses proxy server that does not store any information. That makes whole operation very secure for both sides of communication.

So if no data is being sold, how is UseCrypt funded?

The answer is simple — by you!

Because Facebook and Google have commoditized users, their decisions on user data have been compromised. Think about it, if the only way a company can make money is by exploiting their users’ data, then why would anyone want to use them? Yet, this is exactly how Facebook and Google work.

By charging a small monthly fee, UseCrypt guarantees it will leave your data alone. After all it can’t access it even if it wanted to.

More by David Mark

Topics of interest

More Related Stories