Optimizing the World

Official Blog

Zero Knowledge

What Is “zero knowledge encryption” and why does it matter?

When you upload something to the cloud or use a piece of software, do you ever find yourself wondering, “who else had access to this?” We trust our software providers and assume our precious files are only shared with the people we’ve chosen, but is this always the case?

Sadly, it’s not, which is why it’s important to know about “zero knowledge encryption”.

Now, before you go deleting all those Vegas photos in your secret folder, keep reading to learn how you can better understand and manage the security of your information.

What is zero knowledge encryption?

A zero-knowledge solution is so private that not even your service provider or customer support agent can access your information. It’s like a personal storage unit that you and only you have the key to open your unit. The owner of the building sees a bunch of locked units and that’s it. They know nothing and will continue to know nothing unless you share information with them directly. If you take one thing from this blog, let it be this: with zero knowledge encryption, private means private.

Zero-knowledge solutions are unique in a world where a lot of applications and software rely on personal data to be profitable. Certain apps make money off user data like age, gender, relationship status, etc., by selling targeted advertising, or worse, personal info to third parties for who knows what.

Let's relate zero knowledge encryption to something we’re all familiar with: an alarm system. You have a secret passcode to disarm a security system, but is it really secret? Let's say you’re suddenly struck with amnesia and can’t recall your secret code, so you call the security company.

If the security company simply tells you the code, they’re not zero knowledge and your secret code isn’t so secret. When this is the case, you’re trusting every employee of the company to not break into your house. On top of that, you’re trusting the security company is protected from cyber threats. The last thing you need is a computer hacker breaking into your house.

If the security company is zero knowledge, they’ll confirm your identity before allowing you to personally and privately reset your code. Your house and its valuables are much safer this way.

Okay, I get it, but I really trust the people that installed my alarm, so who cares whether they’re zero knowledge? I don’t have a lot of valuable stuff anyways...

Data sales and breaches can and have hurt people

So, you don’t think a zero knowledge software solution is all that important? Here are a few spooky stories that might change your mind:

In 2016, 50 million Uber riders and 7 million drivers had their data breached

The tale of Uber’s security breach begins with some nasty hackers who accessed names and phone numbers stored on Uber’s AWS servers. They also grabbed 600,000 license plates from drivers. If your information was stolen, you can bet you’d receive an uptick in spam phone calls. With your license plate number, hackers could find out where you live, make false insurance claims, and file police reports to tie you up in paperwork, too. Terrifying.

Slack had a breach in 2015 and allows corporate espionage

In 2015, hackers got into workplace messaging tool, Slack, and accessed their profile database to pull usernames and passwords. While your digital watercooler talk may not be sensitive information, a hack is a hack and the response should be swift. Instead of addressing it immediately, Slack waited until 2019 to prompt users to reset their passwords. That means hackers could have been lurking your messages – and file attachments – for years!

In the wrong hands, your data can be used against you in some very serious ways. So now that you’re sufficiently scared, let’s figure out what we can do about it.

So how can you check your software is zero knowledge?

The landscape around data privacy is shifting. All over the world people are realizing the importance of protecting your personal and work information. It’s for those same reasons we here at Zebu take a strong stance when it comes to protecting your sensitive information, we believe that everyone has the right to keep their work and personal lives secure and private. To stay safe online make sure to:

You don’t have to go ballistic and delete your account on every platform storing data on you. Besides, that might not guarantee they erase your data anyway (a topic for another time). What’s important is that you know what you're sharing and what a company can do with that information. The rest is up to you! Keep it in mind the next time you sign up for something or are looking at software for your business.

Keep reading →

Encryption Isn’t Just For Spies

When nations are at war, weapons and troops aren’t the only way to win. Knowledge was also extremely powerful. Countries spent an extraordinary amount of effort to intercept the enemy’s message. But once they got it, they couldn’t understand it! Not just because it might have been in another language, but because it was garbled into a strange code. That strange code is our introduction to encryption.

Entire departments were mobilized to break the code and get at those secrets. Codebreaking is another way to talk about decryption. If you’ve heard of The Imitation Game or A Beautiful Mind, those movies tell the stories of some very famous codebreakers.

If we haven’t lost you to a great film yet, we would love to tell you more about encryption. It sounds like something for fancy mathematicians and super nerds, but it’s part of all the everyday things we do with our technology. No wars are being won, but it doesn’t hurt to learn.

Explain encryption to me like I’m five

Encryption is just a way to scramble information. If someone were to get their hands on encrypted information, they’d have no idea what they’re looking at. Decryption is used to turn that scrambled information back into its original format. Most digital communications, whether it’s accessing a website or putting in your credit card info while checking out of an online store, include some form of encryption. There are two different types, and many different formats within each type of encryption.

Symmetric vs. asymmetric encryption algorithms

The difference between the two types of encryption lies in whether or not the same key is used to encrypt and decrypt the message.

If you’re a master of words, you can probably guess that symmetric encryption uses the same key to scramble and unscramble the encrypted information. These methods are usually much faster, but you also have to pass the key along to the recipient, which could make managing its security more difficult. One of the popular formats for symmetric encryption that you may see tossed around is AES (Advanced Encryption Standard). It’s used in a ton of things like WinZip and WhatsApp.

Asymmetric encryption will use two different keys: a public one and a private one. They keys are related together through the same encryption algorithm, and one is used to encrypt while the other decrypts. Because there’s more than one key, asymmetric encryption can take longer. But asymmetric encryption also provides additional security because you can pass information to complete strangers without ever needing to share your own private key. A popular format you may hear about is RSA which is commonly used for web browsers and VPNs.

That’s cool and all, but why should I care?

The first thing that matters is that you’re using tools, apps, and programs that use encryption. Seeing that word is a good step in keeping your information, messages, images, and files secure and private.

Then you look to what kind of encryption is used and how strong it is. As a general rule of thumb, you shouldn’t settle for anything less than the following protocols:

  • AES with a 256-bit key
  • RSA with a 2048-bit key
  • ECDH

If a company won’t tell you what encryption protocol they’re using, that should be a red flag. They should be proud to support their encryption methods and talk about them. Our software is zero knowledge and uses ECDH encryption, so we can’t look at your messages, files, and meetings and neither can a quantum computer!

Keep reading →

Facebook's Surveillance Empire

enter image description here People have always been worried about government surveillance both internal and abroad, but not many realize that companies like Facebook have surveillance empires of their own.

Facebook is actively expanding its reach into the personal lives of its users and has recently deployed features to their apps to help suit their own surveillance desires in an ever-expanding mission to know everything there is to know about you.

Already today Facebook scans posts after they are uploaded, but as the company moves towards the encrypted and instant communication platforms like WhatsApp, it is aggressively moving towards content filtering directly from user’s phones.

image alt ><

Just this year the company stated that once a user downloads their app they will track the location of their users at all times, all photos on their phone and what they say using the microphone and what pictures they take with their camera.

Right now, if someone wanted to install malware to scan the photos on your phone, to check if you have ever taken screen captures of Facebook properties, or check your calls and voice commands when you mention they would be violating wiretapping laws.

However, because you have agreed to Facebooks terms of service and installed their app Facebook’s on-phone image recognition algorithms will be able to scan your private photo gallery and monitor every image there, including the ones you have never shared. This also includes facial recognition on images you never uploaded to Facebook.

Voice recognition algorithms can also track every mention of Facebook on phone calls and the context it is mentioned in. The microphone could even be on and recording the surroundings 24/7, creating a global surveillance network beyond the most creative conspiracy movies.

Mark Zuckerberg’s empire also demonstrated their intention to harvest unencrypted messages from user’s devices without their knowledge through WhatsApp. Even though messages in Whatsapp are said to be encrypted, the platform will be able to scan and read your messages. They do this by scanning the messages before it is encrypted from the sender’s device or after it has been decrypted on the recipient’s phone.

As a result, Facebook is creating all the necessary backdoors and finding all the legal loopholes they can to satisfy their surveillance desires. Why do they even bother encrypting Whatsapp?

Be very aware of the intent of Facebooks offerings, their services are free and they make money of knowing everything they can about YOU.

This article is intended to show us the truth and to open our eyes to the events that are already happening in the platforms we used to trust and the fact that we need to take better care of our privacy.

Take care.

About us

We believe that privacy is an essential right. Sadly, tech giants are constantly scanning, reading and sharing our personal information more and more leaving us in a world where online privacy is a rarity.

Zebu provides a platform that protects businesses communication, files, scheduling and more. We are also strong advocates of security and privacy online.

Keep reading →

Optimizing The World

Header Let’s start off by introducing ourselves. We are Zebu Infrastructure Online, but you can call us Zebu for short. We are a tech startup located in the warmest and fastest growing startup community in Canada. Right here in Waterloo we are developing a platform that will help enhance and optimize businesses around the world.

Welcome to Zebu & our new blog Optimizing the World.

Our mission is to create a complete cloud based business platform for small and medium enterprise. Zebu wants to help equip businesses around the world with the tools of the 21st century. That means instant & secure communication, automated invoicing, project management, accounting, website creation, eCommerce and more. All manageable from a single application, Zebu.

We have been hard at work for over 2 years and now are finally getting ready to take our first step on our journey by releasing Zebu’s communication tool. We will talk some more about that in our next post.

image alt >< We can’t wait to share our stories with all of you. We will tell you about our latest features, Zebu’s development and experiences from our users. We will also share our takes on relevant news happening around the world and pass you some tips on how to get the most from our platform.

So join us in our journey of Optimizing The World!

Follow @Zebuhq on Twitter, Facebook, Instagram or Linkedin

image alt ><

Keep reading →

Follow This Blog

Most Liked Articles

Facebook's Surveillance Empire

enter image description here People have always been worried about government surveillance both internal and abroad, but not many realize that companies like Facebook have surveillance empires of their own.

Facebook is actively expanding its reach into the personal lives of its users and has recently deployed features to their apps to help suit their own surveillance desires in an ever-expanding mission to know everything there is to know about you.

Already today Facebook scans posts after they are uploaded, but as the company moves towards the encrypted and instant communication platforms like WhatsApp, it is aggressively moving towards content filtering directly from user’s phones.

image alt ><

Just this year the company stated that once a user downloads their app they will track the location of their users at all times, all photos on their phone and what they say using the microphone and what pictures they take with their camera.

Right now, if someone wanted to install malware to scan the photos on your phone, to check if you have ever taken screen captures of Facebook properties, or check your calls and voice commands when you mention they would be violating wiretapping laws.

However, because you have agreed to Facebooks terms of service and installed their app Facebook’s on-phone image recognition algorithms will be able to scan your private photo gallery and monitor every image there, including the ones you have never shared. This also includes facial recognition on images you never uploaded to Facebook.

Voice recognition algorithms can also track every mention of Facebook on phone calls and the context it is mentioned in. The microphone could even be on and recording the surroundings 24/7, creating a global surveillance network beyond the most creative conspiracy movies.

Mark Zuckerberg’s empire also demonstrated their intention to harvest unencrypted messages from user’s devices without their knowledge through WhatsApp. Even though messages in Whatsapp are said to be encrypted, the platform will be able to scan and read your messages. They do this by scanning the messages before it is encrypted from the sender’s device or after it has been decrypted on the recipient’s phone.

As a result, Facebook is creating all the necessary backdoors and finding all the legal loopholes they can to satisfy their surveillance desires. Why do they even bother encrypting Whatsapp?

Be very aware of the intent of Facebooks offerings, their services are free and they make money of knowing everything they can about YOU.

This article is intended to show us the truth and to open our eyes to the events that are already happening in the platforms we used to trust and the fact that we need to take better care of our privacy.

Take care.

About us

We believe that privacy is an essential right. Sadly, tech giants are constantly scanning, reading and sharing our personal information more and more leaving us in a world where online privacy is a rarity.

Zebu provides a platform that protects businesses communication, files, scheduling and more. We are also strong advocates of security and privacy online.

Encryption Isn’t Just For Spies

When nations are at war, weapons and troops aren’t the only way to win. Knowledge was also extremely powerful. Countries spent an extraordinary amount of effort to intercept the enemy’s message. But once they got it, they couldn’t understand it! Not just because it might have been in another language, but because it was garbled into a strange code. That strange code is our introduction to encryption.

Entire departments were mobilized to break the code and get at those secrets. Codebreaking is another way to talk about decryption. If you’ve heard of The Imitation Game or A Beautiful Mind, those movies tell the stories of some very famous codebreakers.

If we haven’t lost you to a great film yet, we would love to tell you more about encryption. It sounds like something for fancy mathematicians and super nerds, but it’s part of all the everyday things we do with our technology. No wars are being won, but it doesn’t hurt to learn.

Explain encryption to me like I’m five

Encryption is just a way to scramble information. If someone were to get their hands on encrypted information, they’d have no idea what they’re looking at. Decryption is used to turn that scrambled information back into its original format. Most digital communications, whether it’s accessing a website or putting in your credit card info while checking out of an online store, include some form of encryption. There are two different types, and many different formats within each type of encryption.

Symmetric vs. asymmetric encryption algorithms

The difference between the two types of encryption lies in whether or not the same key is used to encrypt and decrypt the message.

If you’re a master of words, you can probably guess that symmetric encryption uses the same key to scramble and unscramble the encrypted information. These methods are usually much faster, but you also have to pass the key along to the recipient, which could make managing its security more difficult. One of the popular formats for symmetric encryption that you may see tossed around is AES (Advanced Encryption Standard). It’s used in a ton of things like WinZip and WhatsApp.

Asymmetric encryption will use two different keys: a public one and a private one. They keys are related together through the same encryption algorithm, and one is used to encrypt while the other decrypts. Because there’s more than one key, asymmetric encryption can take longer. But asymmetric encryption also provides additional security because you can pass information to complete strangers without ever needing to share your own private key. A popular format you may hear about is RSA which is commonly used for web browsers and VPNs.

That’s cool and all, but why should I care?

The first thing that matters is that you’re using tools, apps, and programs that use encryption. Seeing that word is a good step in keeping your information, messages, images, and files secure and private.

Then you look to what kind of encryption is used and how strong it is. As a general rule of thumb, you shouldn’t settle for anything less than the following protocols:

  • AES with a 256-bit key
  • RSA with a 2048-bit key
  • ECDH

If a company won’t tell you what encryption protocol they’re using, that should be a red flag. They should be proud to support their encryption methods and talk about them. Our software is zero knowledge and uses ECDH encryption, so we can’t look at your messages, files, and meetings and neither can a quantum computer!

Zero Knowledge

What Is “zero knowledge encryption” and why does it matter?

When you upload something to the cloud or use a piece of software, do you ever find yourself wondering, “who else had access to this?” We trust our software providers and assume our precious files are only shared with the people we’ve chosen, but is this always the case?

Sadly, it’s not, which is why it’s important to know about “zero knowledge encryption”.

Now, before you go deleting all those Vegas photos in your secret folder, keep reading to learn how you can better understand and manage the security of your information.

What is zero knowledge encryption?

A zero-knowledge solution is so private that not even your service provider or customer support agent can access your information. It’s like a personal storage unit that you and only you have the key to open your unit. The owner of the building sees a bunch of locked units and that’s it. They know nothing and will continue to know nothing unless you share information with them directly. If you take one thing from this blog, let it be this: with zero knowledge encryption, private means private.

Zero-knowledge solutions are unique in a world where a lot of applications and software rely on personal data to be profitable. Certain apps make money off user data like age, gender, relationship status, etc., by selling targeted advertising, or worse, personal info to third parties for who knows what.

Let's relate zero knowledge encryption to something we’re all familiar with: an alarm system. You have a secret passcode to disarm a security system, but is it really secret? Let's say you’re suddenly struck with amnesia and can’t recall your secret code, so you call the security company.

If the security company simply tells you the code, they’re not zero knowledge and your secret code isn’t so secret. When this is the case, you’re trusting every employee of the company to not break into your house. On top of that, you’re trusting the security company is protected from cyber threats. The last thing you need is a computer hacker breaking into your house.

If the security company is zero knowledge, they’ll confirm your identity before allowing you to personally and privately reset your code. Your house and its valuables are much safer this way.

Okay, I get it, but I really trust the people that installed my alarm, so who cares whether they’re zero knowledge? I don’t have a lot of valuable stuff anyways...

Data sales and breaches can and have hurt people

So, you don’t think a zero knowledge software solution is all that important? Here are a few spooky stories that might change your mind:

In 2016, 50 million Uber riders and 7 million drivers had their data breached

The tale of Uber’s security breach begins with some nasty hackers who accessed names and phone numbers stored on Uber’s AWS servers. They also grabbed 600,000 license plates from drivers. If your information was stolen, you can bet you’d receive an uptick in spam phone calls. With your license plate number, hackers could find out where you live, make false insurance claims, and file police reports to tie you up in paperwork, too. Terrifying.

Slack had a breach in 2015 and allows corporate espionage

In 2015, hackers got into workplace messaging tool, Slack, and accessed their profile database to pull usernames and passwords. While your digital watercooler talk may not be sensitive information, a hack is a hack and the response should be swift. Instead of addressing it immediately, Slack waited until 2019 to prompt users to reset their passwords. That means hackers could have been lurking your messages – and file attachments – for years!

In the wrong hands, your data can be used against you in some very serious ways. So now that you’re sufficiently scared, let’s figure out what we can do about it.

So how can you check your software is zero knowledge?

The landscape around data privacy is shifting. All over the world people are realizing the importance of protecting your personal and work information. It’s for those same reasons we here at Zebu take a strong stance when it comes to protecting your sensitive information, we believe that everyone has the right to keep their work and personal lives secure and private. To stay safe online make sure to:

You don’t have to go ballistic and delete your account on every platform storing data on you. Besides, that might not guarantee they erase your data anyway (a topic for another time). What’s important is that you know what you're sharing and what a company can do with that information. The rest is up to you! Keep it in mind the next time you sign up for something or are looking at software for your business.

Optimizing The World

Header Let’s start off by introducing ourselves. We are Zebu Infrastructure Online, but you can call us Zebu for short. We are a tech startup located in the warmest and fastest growing startup community in Canada. Right here in Waterloo we are developing a platform that will help enhance and optimize businesses around the world.

Welcome to Zebu & our new blog Optimizing the World.

Our mission is to create a complete cloud based business platform for small and medium enterprise. Zebu wants to help equip businesses around the world with the tools of the 21st century. That means instant & secure communication, automated invoicing, project management, accounting, website creation, eCommerce and more. All manageable from a single application, Zebu.

We have been hard at work for over 2 years and now are finally getting ready to take our first step on our journey by releasing Zebu’s communication tool. We will talk some more about that in our next post.

image alt >< We can’t wait to share our stories with all of you. We will tell you about our latest features, Zebu’s development and experiences from our users. We will also share our takes on relevant news happening around the world and pass you some tips on how to get the most from our platform.

So join us in our journey of Optimizing The World!

Follow @Zebuhq on Twitter, Facebook, Instagram or Linkedin

image alt ><