Linux.com

Feature: Business

Open source applications Keep You Safe

By Tina Gasperson on April 21, 2008 (9:00:00 PM)


Personal data safety is big business lately. There are a variety of ways to protect your identity or keep your personal information from the prying eyes of dishonest people, but Eric Wolbrom has what he believes is a unique service. Keep You Safe makes it possible for subscribers to store all their personal data securely in a virtual online "safe deposit box," and share the key with someone they trust. When Wolbrom, a self-described "security geek," finally had the chance to launch Keep You Safe, he knew that building it on Linux, Apache, MySQL, and PHP (LAMP) was the best way to keep his customers' data secure.

Keep You Safe was born of Wolbrom's interest in business disaster recovery and his own personal data security. Wolbrom learned his lessons from his grandfather, who escaped from Poland early in World War 2, Wolbrom says. "He drilled it into my head that you always had to be prepared to run." Wolbrom's background is in business continuity and disaster recovery planning. "We do this for businesses, but why don't we do it for our personal data?" he asks. Wolbrom calls it "personal disaster recovery."

"Being a security geek, I had always created these text files that would keep the family numbers together, and then use one of the encryption tools of the day to encrypt it, and put it out on the Net." Wolbrom said he could never resist discussing the topic with his business continuity clients. "Have you ever thought of doing for your personal data what you're doing with your business information?" he would ask them. "I wrote this little how-to article for a client." From there, it was only a matter of time before Keep You Safe was born.

Keep You Safe gives clients the ability to either store records in text format on its servers, or to scan and upload copies of documents. Wolbrom says almost every technology that Keep You Safe is built on is open source, including the numerous custom applications he and his partner built to encrypt and store clients' data. Everything sits on top of a classic LAMP architecture: Red Hat Enterprise Linux, Apache, MySQL, and PHP. That's because open source is more secure than proprietary code, Wolbrom says. "I look at this like this: there's an old adage that security through obscurity is not security at all. If I am building something and I make it completely obscured, someone will find the holes in it and will be able to hack that thing. Windows is completely closed and people are constantly reverse-engineering it. With open source you have thousands upon thousands of people looking at the code. If we have lots of people looking, we're always going to find the bugs before they become an issue."

In keeping with that belief in transparency, the company provides a PDF white paper that explains the security process for passwords and logins, data encryption, data transport, network firewalls, patches, and backups.

Wolbrom appreciates the range of choices in existing applications that open source provides, so that when it comes to custom development his team doesn't always have to start from scratch. "It gives us a lot more flexibility in there for the things we want to add on or create, as opposed to building every single aspect of the application. I've believed in open source since 1996, when I first started looking at it."

Wolbrom highly recommends using open source to launch any kind of online business. "It's going to give you the lowest expense-to-deliverable ratio that you're ever going to find. And that's the key thing about open source -- it's just so much less expensive to build anything. It's one of the biggest benefits."

Tina Gasperson writes about business and technology from an open source perspective.


Comments

on Open source applications Keep You Safe

Note: Comments are owned by the poster. We are not responsible for their content.

Open source applications Keep You Safe

Posted by: Anonymous [ip: 12.169.163.241] on April 22, 2008 01:22 AM
I like the idea of a secure online data repo- so why is this security-obsessed person using PHP? If you want a secure site you don't use PHP.

#

Re: Open source applications Keep You Safe

Posted by: Anonymous [ip: 122.107.84.167] on April 22, 2008 10:46 AM
An honest question: Would Python be a better replacement over PHP?

(I don't have much experience with PHP or setting up LAMP, but I am curious about those who've had experience in this area)

#

Re(1): Open source applications Keep You Safe

Posted by: Anonymous [ip: 12.169.163.241] on April 23, 2008 01:01 AM
Perl has a long and successful history in LAMP stacks. Python doesn't have the same track record, but it's a sound scripting language that's built right. PHP is a mess and shows no signs of improving. Coders who really understand Web security shun PHP. Perl and Python aren't all that hard to learn.

#

Re: Open source applications Keep You Safe

Posted by: deltaray on April 22, 2008 12:47 PM
Ok, Mr. Anonymous. What platform would be better and why?

The first thing I see on the surface that worries me is their "Hacker Safe" box and perhaps their 100% privacy guarantee. Nothing is hacker safe, nothing is 100% safe. You can come close, but not completely. That's false advertising and giving people a false sense of security. Security is on the inside, not in an image on the front page.

On their FAQ, they only say that they monitor for security alerts and have Scanalert monitor their servers. Even if they are doing encryption, they better hope that they've put more thought into it than this. Just using encryption is not enough, you have to consider quite a few things, like what type of data it is, where in the data stream is it encrypted/decrypted, etc. Consider a known plaintext attack. If they store data in a structure and the hacker knows that the data inside the encrypted block is a US phone number, then they might know that the 4th and 8th character are a hyphen. I wonder if they considered things like this?

#

Open source applications Keep You Safe

Posted by: Anonymous [ip: 195.212.29.163] on April 22, 2008 08:16 AM
"he KNEW that building it on Linux, Apache, MySQL, and PHP (LAMP) was the best way to keep his customers' data secure."
Hmm, and how did he know? Like the post before, I'm a bit baffled by the choice of PHP over a platform like Java or Mono, and Apache's high complexity doesn't spring to my mind as being particularly security oriented. Although I do consider it a good product.

I do, however, totally agree that open source code is being looked at by every type of person, and that is forcing bugs to be fixed rather than hidden.

#

This story has been archived. Comments can no longer be posted.
