My Buddy – Host-Proof Hosting. Where I go, It Goes.

Security on the web has pretty much dominated my life in the past few months (unfortunately my social life as well). I’m usually the hit of the social scene until I try to explain Host-Proof Hosting. It just always seems to come up when I talk about work…Really. I try to explain using my limited technical knowledge and then I usually end up using the example of having a safe deposit box in a bank, with only you having the key – and this seems to sum up more or less how Host Proof Hosting and Passpack work together. It almost seals the deal but…people are still not completely convinced. And rightly so. They usually get the last word with – ‘How can I be 100% sure that the people behind Passpack really want to protect my data?’ And my pitch ends there.

I can talk about how I’ve gotten to know Francesco and Tara and how with their patience and complete transparency have converted me into becoming an advocate for online privacy. I’d convince a few people. But it might be a little difficult for Francesco and Tara to meet each and every one of their potential users.

Who Said It First

First off, let’s give credit where credit is due – Richard Schwartz. Thanks to him the concept of Host-Proof Hosting was given a name. The freedom to store anonymous data is used by applications such as Passpack, Passlet, Clipperz, eSecureKey, Halfnote and LockBin – all paving the way for ‘privacy on the web’.

Passpack’s Open Source Library

Passpack has released an Open Source Library so that now people can build their own Host-Proof Hosting applications (get it here). In doing so, Francesco, Tara (and me!) hope that more people will follow in these footsteps. The more available these techniques are, the more diffused they will become and users will feel safer on the web.

Or will they? Better yet, should they? Should we really be putting all our eggs into one host-proof hosting basket? I mean it is only a security pattern….GASP!…’Did she just say ONLY a security pattern?’

Nothing’s Perfect

Don’t get me wrong. I think Host-Proof Hosting is the best thing since sliced bread but it’s true – How do we know that applications using Host-Proof Hosting are working towards our best interest? How do we know that they are not just riding the security wave? And what’s more, now that Francesco has released Host-Proof Hosting Open Source Libraries, how do we know that people will use it to help make the internet safe?

The answer is – I guess we don’t. I guess that’s where the word freedom really carves itself a definition in Web 2.0 – the choice of trust.

So now when I’m out and about and the inevitable question of ‘So what do you do?’ comes up – I give them my animated talk and in response to their question – ‘How can I be 100% sure that the people behind Passpack really want to protect my data?’ – I simply say – First, you need to know the structure and the people behind the application and then you need to decide if you trust it.