Better safe than sorry – CALIPIO’s approach to End-to-End Encryption

Whether you are using WhatsApp, Telegram or Signal, the conversations between you and your network are for your eyes only, pun intended. Perhaps the James Bond reference is quite fitting, even though we are not MI6 agents. Undoubtedly, we’ve entered an age in which people, thanks to whistleblowers like Edward Snowden, no longer live under the illusion that everything we do online is anonymous. Why does it matter, you may ask, if you don’t have anything to hide? Just as you have whispered something into someone’s ear to keep a conversation secret, you share incredibly intimate things about yourself in chats and around the internet. Whenever you get tailored ads while reading your Guardian article, it’s because something about yourself, like your location, search queries or buying preferences, was made accessible to a corporation wanting to monetize this information. So who has a vested interest in eavesdropping on your conversations and why?

  • Companies, in order to profile you and send you targeted ads. Have you ever seen an ad and thought, “I recently talked about this with a friend, how do they know?” Apart from metadata about you, e.g. your location and other personal information like sex and age, companies or their algorithms know more about you than they should.
  • Tech-savvy criminals, i.e. hackers or nosy employees of the company storing your data, who have an interest in stealing your identity, getting unauthorised access to your bank account, selling trade secrets to the competition, or holding you hostage over the pictures of the night you barely remember.
  • Public bodies, like governments, who not only want to catch bad guys, but wouldn’t mind snooping around in your private life to find out that you pick up a Texas mickey at the liquor store once a week, resulting in you getting an invite to an AA meeting.

Now that we’ve established that your privacy matters, let’s take a look at one technology you might have heard about. If not, rest assured you are using it every day when you send your friends emoji-filled messages on WhatsApp. The technology in question is End-to-End Encryption (E2EE). While E2EE has become a buzzword and is no longer unique, we have combined it with TLS in our in-browser screen recorder. Quick side note, it hasn’t been done before. Not only do we intend to explain to you in an accessible way how it works, but also why it’s awesome, so hang tight.

CALIPIO E2E encryption

We at CALIPIO decided that shareability between devices and access on demand both need to be key tenets of our solution, without skimping on your security. Your security is crucial to us. “But how do you ensure that my data is safe?” That’s a very good question. CALIPIO’s security protocol keeps you safe every step of the way. From the minute you decide to record your little puppy Baxter chasing his tail, to storing the video file on our server until your mum gets to watch it, it is safe. Your mum can rest assured that she will only get to see a video of little Baxter without a third party eavesdropping on her, or sending along some nasty spyware within the link.

Alright, now that we have gotten that out of the way, let’s have a look at how our solution actually keeps you safe at all times. We shed light on two essential safeguards – Transport Layer Security (TLS) and E2EE – and how these keep you safe during the 4 steps of your media file’s journey, so nobody but you and your mum gets to share moments of pure bliss with Baxter.

Client-side recording and encryption

So what happens to that recording of little Baxter, or the onscreen recording of your unrivalled Online Poker skills that you want to show off to your future boss at PokerStars, once you’re done recording? Simply put, a random key is generated on your side, encrypting the recording, using nifty technology you can read up on here. The encrypted recording is then transferred to our cloud, where it remains encrypted. NO unencrypted data EVER leaves the client. That means, even if anyone from CALIPIO wanted to see little Baxter chase his tail or admire your second-to-none Texas Hold’em skills, it would simply not be possible, unless you sent us the link and we knew your password.

Server-side storage

The next pillar of our state-of-the-art encryption is the storage of your encrypted data on our server. You might say, “Wait a minute, why is my data stored on a server, isn’t that a threat to my privacy?” It is a very valid question. First off, it is stored so your mum can watch the video of little Baxter anytime she wants, not just when she is manicuring her nails, but whenever she wants to see something heartwarming.

This article discusses the merits of using End-to-end encryption, on top of Transport layer security

So how do you protect my data? First, as mentioned previously, your data arrives on our server in an encrypted state. It is NEVER decrypted, as much as we would love to see your dog videos. Because we believe in doing things a cut above, we implemented End-to-End encryption next to TLS. To put this in perspective, most companies only use HTTPS (TLS), which allows people hosting your data to access your unencrypted video files on a server.

Yes, yes, I will explain what this means. I’m sure we all have seen a movie in which a creepy van is parked, containing guys with headsets and other equipment not accessible to us average folk, eavesdropping on the unsuspecting victim. Similarly to the previous example, TLS keeps nosy creeps like the Hamburglar out while your video is on its way to the server and from the server to your mum’s phone.

The assumption, however, is that TLS will do the trick by itself, since the people hosting your data are sworn to protect your information, or at least claim to guard your data with their life. Unfortunately, rogue third parties or server glitches may cause your Baxter and Poker videos to be exposed to a much broader audience than solely you and your mum and perhaps your future employer PokerStars. With E2EE and TLS – a match made in heaven – you won’t EVER have to worry about your cinematic masterpieces getting into the wrong hands.

On a side note, TLS has three main characteristics, should you be interested: the connection is private and reliable, and the identity of the communicating parties can be authenticated. The latter is only important for the server, NO ONE ELSE.

Sharing is caring

Of course, it is important that things are shareable on all platforms you commonly use, but is it really user friendly when my data is encrypted? The answer is a resounding YES, at least here at CALIPIO! When you are done recording your video you are given a shareable link that already contains the key. Whether your mum is using Facebook, WhatsApp, or maybe she has already jumped on the Signal train, everything is fine: your Baxter video is safe, irrespective of what platform you and your mum use. That’s the beauty of it, it’s easy as pie to use, without you having to compromise on security.

Client-side decryption and playback

Now that your mum and PokerStars – to revisit our other example – are about to open the Baxter video and your screen recording showing off your amazing Poker Face, what happens? First off, the recording is downloaded from the server. Without having to do anything, the recipient will receive the key that was randomly generated on your side and embedded in the link. All your mum and your future boss Todd at PokerStars have to do is hit the play button. While we can’t ensure that Todd over at PokerStars will be sufficiently dazzled by your Poker skills to let you oversee the next 10-million dollar tournament, we can ensure that your recordings are FOR YOUR, YOUR MUM’S AND TODD’S EYES ONLY and that the usability is as smooth as butter.
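
The four steps above, sketched as an added example; this is not CALIPIO’s code. AES-256-GCM, carrying the key in the URL fragment (`#k=`), and the host `share.example` are assumptions, since the page only says that a random key is generated client-side and embedded in the link.

```javascript
// Added illustration, not CALIPIO's code. Assumed: AES-256-GCM (WebCrypto),
// key carried in the URL fragment, placeholder host share.example.
const wc = globalThis.crypto ??
  (typeof require === 'function' ? require('node:crypto').webcrypto : undefined);

const toB64u = (bytes) => btoa(String.fromCharCode(...bytes))
  .replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '');
const fromB64u = (s) => {
  const b64 = s.replace(/-/g, '+').replace(/_/g, '/');
  const padded = b64.padEnd(Math.ceil(b64.length / 4) * 4, '=');
  return Uint8Array.from(atob(padded), (c) => c.charCodeAt(0));
};

// Sender: fresh random key per recording; only iv||ciphertext is uploaded.
async function encryptRecording(plainBytes) {
  const key = await wc.subtle.generateKey({ name: 'AES-GCM', length: 256 }, true, ['encrypt']);
  const iv = wc.getRandomValues(new Uint8Array(12));
  const ct = new Uint8Array(await wc.subtle.encrypt({ name: 'AES-GCM', iv }, key, plainBytes));
  const upload = new Uint8Array(iv.length + ct.length);
  upload.set(iv);
  upload.set(ct, iv.length);
  const rawKey = new Uint8Array(await wc.subtle.exportKey('raw', key));
  return { upload, keyText: toB64u(rawKey) };
}

// The key rides after '#', which browsers do not include in HTTP requests.
const buildShareLink = (id, keyText) => `https://share.example/v/${id}#k=${keyText}`;

// What the storage server sees when the recipient opens the link.
function requestUrl(link) {
  const u = new URL(link);
  return u.origin + u.pathname + u.search;
}

// Recipient: read the key from the fragment and decrypt the downloaded blob.
// AES-GCM authenticates, so a modified blob rejects instead of decrypting.
async function decryptFromLink(link, download) {
  const keyText = new URLSearchParams(new URL(link).hash.slice(1)).get('k');
  const key = await wc.subtle.importKey('raw', fromB64u(keyText), 'AES-GCM', false, ['decrypt']);
  const iv = download.slice(0, 12);
  const pt = await wc.subtle.decrypt({ name: 'AES-GCM', iv }, key, download.slice(12));
  return new Uint8Array(pt);
}
```

Under these assumptions the server stores only `upload` and never receives `keyText`. Anyone who obtains the full link obtains the key, so the recording is only as private as the channel the link is shared over.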

Putting it all together

No effort was spared in creating a unique user experience (UX), while not cutting any corners when it comes to your privacy. In fact, we are doing much more than many other companies by using E2EE in addition to TLS. While TLS under normal circumstances is fairly safe, there is a possibility for tech-savvy criminals and rogue third-party individuals within a company hosting your videos to intercept your message on the server. Although this does not happen very often, we even considered this scenario and added another layer of security to our recorder, E2EE. This makes it next to impossible for anybody to hijack your files during their entire journey, from your device to the server and on to your mum’s, or anyone else’s device for that matter.

And even while your file is stored on our server, it ALWAYS remains encrypted. Picture a titanium, bullet- and laser-proof box containing your file and the key, then being sent on to the server and ultimately the recipient. Once it has arrived at its destination, it magically opens. Only the box is a link that looks like gibberish when you look at it.

This means you should only be thinking about directing cute puppy videos, showcasing your Poker skills, or whatever else you need to show, including tutorials, presentations and the list goes on. As for everything else, CALIPIO has you covered.

So why not try it right now? We’re sure you’ll be delighted.
