WhyWaitForever

London England

Home 
Product 
Support 
Free Trial 
Licence 
About Us 
Contact Us 

 

VisibleKey

"WhyWaitForever - London" for the best London directory.

Product Information

    VisibleKey is fast easy to use security software for keeping personal text secret.

    VisibleKey is an independent, stand alone security product that enables text to be encrypted and decrypted using simple keys.

    For business

    A leading security company ponders in their sales literature the question. "Encrypted email. Is is safe?". They answer, "It depends." They continue, "The benefit of encryption is that it locks your data away from prying eyes allowing only the intended recipient access." Companies like this suggest it is important for companies to scan for encrypted data and to secretly decipher or block unauthorised usage. These companies suggest for a price that they have the products to handle such a difficult task. Clearly if companies have access to such products so do their competitors and so do others who wish them harm. An individual within a company using VisibleKey can test out the strength of security within their company and then use VisibleKey with confidence.

    The most successful companies have built their success on the firm basis of trust between all parties. In the eighteenth century when a gentlemans word was his bond and written contracts were rare economic growth blossomed. As contracts became more common, clauses and sub clauses were introduced to try and cater for every eventuality. A gaggle of laywers, lampooned brilliantly by Dickens sucked out the business life blood of many a company. With every change in business operation the first reaction of some is to regulate and perhaps even over regulate. This was seen when contracts were introduced and when the telephone enquiry centre was introduced. It is now seen with the use of web sites, email and video conferences.

    A company reduces the time it spends in growing their business if it spends excessive time in systematic eavesdropping on their own people. There may be loss of information and loss of productivity. There can be accidental breaches of confidentiality. There can be accidental exposure to legal liability. There may be damage to reputation through ill-advised releases of information. But the damage caused by building and maintaining a repressive organisational culture is potentially far far worse.

    An Email from a leading global company

    Dear all,

    Until it is decided which security culture will prevail across all [company name withheld] sites, please be aware of, and respect the differences between sites in the south west and those in [name of city withheld] and the north east.

    Company security policy in the south west does not permit the sending or receiving of non work-related e-mails. This includes personal e-mails, jokes, pictures, sound bites, video clips, etc. At present, there are strict disciplinary measures in place which may be applied to any staff in the south west contravening this policy. When communicating with this group of colleagues please refrain from sending anything which could compromise them and their policy.

    [company name withheld]'s policy specifies that e-mail is provided for business use only, as it is in the south west, but they enforce theirs rigorously.

    If you require any further information regarding this, please do not hesitate to contact me.

    [name withheld], IT Security Manager

    The need of people to have and maintain their own personal space appears to be a fundamental need. If companies allow such space it shows both trust and respect. If there is trust and respect success will certainly follow.

    At home

    VisibleKey is text and it is secure. It is brilliant. You and your mate each agree a phrase and a number. That's two phrases and a number between you. You choose "chelsea". Your mate chooses "millwall". You choose "1234" as the number. Arn't numbers brilliant. Later you want to email your mate to meet at the Eagle, City Road at 10 pm but you don't want the world to know. Earwigs are everywhere. So you use VisibleKey.

    You click on the above and enter "chelsea", "millwall" and "1234" in the phrases and number boxes. You enter "Eagle, City Road, 10 pm usual 12 lagers and a ruby" in the top input box. You press the "encrypt" button. You copy and paste the scrambled words from the middle box into your email to your mate. You send the email but you also send in the clear "Goose and Firkin, Borough 9 pm usual sherry and a pickled egg".

    Your mate gets the email with the scrambled words that have sneaked through the firewall. The world eavesdrops and decides to drop in on the Goose. Your mate clicks on the above and enters "chelsea", "millwall" and "1234" in the phrases and number boxes. Your mate copies and pastes the scrambled words (ensuring a single blank between words and a single blank at the end) into the middle box. Your mate presses the "decrypt" button and "Eagle, City Road, 10 pm usual 12 lagers and a ruby" appears like magic in the bottom box. Brilliant. You and your mate turn up at the Eagle and sad to say it is closed due to a power cut. You both go to the Goose and buy the world a sherry and an egg. Brilliant. Ain't encryption brilliant.

    Why use VisibleWeb

    Easy to use

    There are many security software products available. These products can be complex to install and complex to use. VisibleKey can be used without installation. VisibleKey is easy to use. VisibleKey runs locally. VisibleKey does not copy or transfer any information across the Internet. VisibleKey works independently of other products. VisibleKey does not need specialist IT expertise or knowledge.

    Taking personal control

    Most computer users connected to a network are subject to supervision by others with priviledged access rights. In companies and organisations these are usually IT Administrators or IT Security staff. In the wider world E-mails can be monitored. Web pages secured to "closed" user groups can be compromised.

    Sensitive information, embargoes and press releases

    The security of information can be improved using VisibleKey. Senior executives can use VisibleKey to include sensitive international travel details such as arrival times and destinations in open E-mails. Key elements of electronic diary notes can be held as VisibleKey. Press releases can be encrypted and "embargoes" enforced by emailing keys at the time of the release. Public web pages can contain VisibleKey content for access by particular groups of customers or staff. Companies can use VisibleKey to publish business continuity plans. The key phrases are "released" when the plan is invoked.

    Below the eavesdropper's radar

    The "encrypted" text is produced as a series of standard English words. These words can be incorporated within the contents of a textual E-mail. The words should pass through most firewall detection processes without difficulty. Other security products may produce "gobbledy-gook" characters which are easy to detect. More sophisticated firewalls could apply semantic, context and grammar checks. To get around these restrictions stealth techniques could be added to VisibleKey which would allow most firewall detection mechanisms to be circumvented. WhyWaitForever can provided consultancy assistance if this is required.

    Strength is relative

    The secret key is used to alter the paths through the security algorithm. The Java "jar" file can be opened and the Java "class" files revealed. The Java "class" files can be decompiled (reverse engineered) and the Java "source" files revealed. The Java "source" file can be analysed, documented and debug statements added to reveal the algorithms used. But the algorithms are varied by the particular secret key. The secret key is unknown so a computationally very large number of possibilities open up. Some claim that it is computationally infeasible to break the encryption without access to the secret key.

    History of encryption

    Security programs have a long history. The requirement to encrypt and decrypt discrete elements of information using independent processes is a universal need.

    The nineteen sixties

    In the sixties these types of security programs were used to desensitise for example payroll data so that once desensitised it could be directly used by programmers and testers. Clearly developers could not be trusted with sensitive salary information! With the increased use of bank accounts, the use of external bureaux (interestingly now making a comeback retitled as application service providers) and the use of contractors the need to desensitise became even more important. Simple cipher algorithms were sufficient because access to processing power was restricted and tightly controlled.

    A simple cipher can use a look-up table to substitute one character with another and likewise substitute back. The cipher tables can be encoded in the programs so it the machine instructions are dis-assembled the algorithm is revealed. Even if the cipher tables are not encoded in the programs the algorithms can be attacked by a brute force attack such as trying every coding combination or by looking for the most common characters in the most common words.

    The nineteen seventies

    With the introduction of the mini-computer more processing power was available and the simple cipher algorithm had to be augmented by additional approaches which used asymmetrical algorithms. These algorithms have interesting and useful properties. Processing in a "forward" direction is straightforward. Processing in a "reverse" direction tends towards the computationally infeasible. To use a very simplified analogy a complex hardware lock can be opened easily with a key but without a key such locks can be near impossible to open. The key became the point of strength and the point of weakness. If keys are not frequently changed or if systems are not protected from brute force attacks (by disablement after repeated failures) the algorithm can be revealed.

    The nineteen eighties

    With the widespread use of the personal computer even more processing power became available. The cipher algorithm augmented by asymetrical algorithms were augmented by algorithms dependent on series of keys themselves dependent on random events independently accessible by both parties. A wide variety of events could be used for example the "personal" column of the Times (of London) on a particular date and a particular edition. The number sequences that many countries broadcast on long wave were clearly not designed to win a mass listening audience.

    The nineteen nineties

    This was the start of the widespread introduction of computer systems with security as a major component. Operating systems became larger and larger. All components of a computer system could be secured using hardware "security identifiers", manufacturer supplied "unique" network (MAC) addresses, registration identifiers for licenses and other variants on these and similar themes. Hardware devices provided time based keys which were only valid for a set number of seconds before they changed. Security management and control became a standard administrative activity with an increasing call on diminishing resources. Support staff fought hard to stop security features being implemented because it increased the difficulties of resolving incidents. The arrival of the Internet provided both processing power and the ability to access previously closed systems directly IT system to IT system or indirectly via telecommunications elements. Systems behind firewalls became more and more secure and yet more and more open to "authorised" individuals such as IT and security administrators. Who can a CEO trust in a time of IPO, MBI and general M&A?

    The present

    It is the inalienable right of every individual to keep the most private thoughts secret in their heads and to be able to commit these thoughts if they wish to electronic form and still keep them as secret. VisibleKey is designed to allow this right to be met. VisibleKey applies combinations of algorithms. It is independent and works whether other security features are present or not. It is easy to use.

    Computing could be returned back to a golden age when most information was freely accessible and when most processing power was not spent in churning though security processing algorithms. Individuals would take individual responsibility to desensitise only those elements as were necessary.

    VisibleKey is implemented in Java. The program (classes) are easily decompiled and the algorithms revealed. The words used for the encrypted text are from standard word dictionaries. Keys are not encoded within the programs and the keys themselves influence the processing paths within the algorithms. It should be extremely difficult to attack VisibleKey using current processing technologies.

    The future

    It is postulated that a quantum effect computer could be built which could be programmed to attack and break swiftly the asymmetrical algorithms currently in use. Such a computer would be very costly to produce and initially would not be widely accessible. Clearly quantum effect "destabiliser" algorithms (in a form to be postulated) would need to be added to undermine the ability of such computers to attack the current generation of algorithms.

"WhyWaitForever - Software" for our products and academy.
Life's too short why wait forever
Privacy Declaration
Copyright © 2000 - 2005. WhyWaitForever. All rights reserved.
Legal Disclaimer