Tech Crunch – by Josh Constine
Nothing is truly NSA-proof or hacker-proof, but WireOver wants to offer you more security than Dropbox, Google Drive, or Skydrive. The Y Combinator startup just emerged from stealth with a desktop app that lets you send files of any size for free. And for $10 a month, your transfers get end-to-end encryption so only the recipient can open them. WireOver can’t even look at what you’re sending.
If you just want to send huge video files or photo collections to friends and aren’t worried about encryption, WireOver is totally free for unlimited file-size sharing. But its premium level of privacy could be a big draw for anyone with sensitive files to send.
WireOver founder Trent Ashburn tells me there are security holes in the way big file storage and sharing providers transfer your stuff. “In the industry it’s called encryption in transit and encryption at rest. But the files arrive on the servers decrypted. Their servers will re-encrypt them and store them, but the encryption keys used are controlled by and accessed by the provider.”
Ashburn tells me there’s a risk of the same company having both a copy of your encrypted files and the key to open them. But with WireOver’s end-to-end encryption, files are never stored on its servers, and it doesn’t have the decryption key. “The approach we’re going for is ‘Trust No One’”.
WireOver Founder Trent Ashburn
Ashburn spent several years building computational models for quantitative hedge funds before becoming a semi-pro cyclist. He wanted to start a company he could relate to, and he found he was having some trouble with file transfers.
“With Dropbox, Google Drive, and Skydrive, sending small and medium-size files is pretty much solved but it’s a pain to send big files securely. There’a bunch of things that Dropbox works great for [like syncing]. And they do their best within their goals to have security, but they’re not trying to be the most secure tool. They’re trying to be your files everywhere.”
So Ashburn entered WireOver into Y Combinator. They built a bunch of failed prototypes before settling on a Python-based desktop client. Along with the YC funding it got from Andreessen Horowitz, SV Angel, and Yuri Milner, the four-person startup has raised an additional seed round from Bessemer Venture Partners, Boston’s .406 Ventures, and angels like BrandCast’s Hayes Metzger.
How To Use WireOver
Once you’ve installed WireOver, you just dump files into its little window, and type in the email address of the recipient[s]. Once they have WireOver installed and running, the file is transferred completely peer-to-peer, or routed by WireOver’s servers but isn’t stored there.
If you select “Secure” transfer and both you and receiver have paid the $10 a month fee, your file gets end-to-end encryption. For even more security again man-in-the-middle attacks, you can request to verify the recipient’s machine’s crytopgraphic fingerprint.
The big downside to WireOver using a transfer system rather than cloud storage is that both the sender and recipient have to be online at the same time. You can just upload a file, email someone a link, and shut off your computer.
But since WireOver doesn’t store files, it doesn’t have to charge for unencrypted transfers. That means you could send 200 gigabyte or even terrabyte-sized files for free, which could cost hundreds or thousands of dollars a year on Dropbox, Drive, or SkyDrive. If you’re looking for security and privacy, WireOver might be worth the $10 a month.
Ashburn says some clients have switched to WireOver from sending physical hard drives and USB drives through the mail or with FedEx. While there are other encrypted file sharing services, we haven’t found any popular ones that offer unlimited file sizes for free, or encryption of those files for as cheap.
Companies large and small are seeing their data fall into the hands of hackers, and we’re realizing our governments are engaging in widespread surveillance. Meanwhile, as our cameras get better and our screens get bigger, file sizes just keep going up. So whether you’re paranoid or just want to send all your photos to mom, WireOver understands.
Another scam artist trying to cash in on the turmoil. I’ll believe this when I believe McAfee’s new Internet platform.
Yep NC, there is no such thing as totaly safe,uncrackable privacy or encription
Another easy method is to create a true-crypt container
using a passphrase that you and the recipient know.
Similar to password protected .rar or .zip files but much more secure
provided you use a strong enough passphrase.
Dump your file/s into that container Then upload that to a free file share service or FTP it directly.
If it’s real big, you can use something like master-splitter (or any other file splitting software) to split the container into smaller pieces which can be reassembled on the other end. You could also .rar the file and create a multipart .rar or 7z file. (Splitting is good for large files because there is less chance of corruption.)
The catch with this method is that you and the recipient need to agree on a passphrase beforehand. That has to be done in person of course.
Less secure would be to send the passphrase via PGP encrypted email.
And if you’re a bit paranoid, you can send the container via tor, but that’s painfully slow for large files so split them.
One good feature of truecrypt is the hidden container function. Meaning if you’re forced to give up the password, the hidden container will remain hidden and look like random data.
-flek
I’ll stick to the Kryptonite. Just as effective.