Security experts who have built an end to end encryption solution with all data fragmented around the world never in one jurisdiction.
Security experts who have built an end to end encryption solution with all data fragmented around the world never in one jurisdiction. Read more
Who are we ?
We are a group of Penetration testing companies and security experts who design government systems around the world and attempt to break into others. "Yes," we designed systems with government taps. Why did we come together to do this? Edward Snowden and Julian Assange had the courage to risk their liberty to come out into the public and release information about the American Government PRISM program and other ally secrets. We knew then it was time to get together and build an online solution they we would use; with our expertise, defence in-depth, government experience and internal telecommunications knowledge; 'To use our skills for good, not evil this time around.' It is in their legacy we built a robust system, with end-to-end encryption ,not just off U.S shore, but scattered around the world in tiny encrypted fragments. We have four initial products to choose from according to your 'security' requirements and 'paranoia' levels.
The company's name originates from Carbyne - the strongest substance on earth and 'Fiber' represents optical fibre. The company’s logo represents the 'PRISM program'. Hydra is a Greek mythical creature with multiple heads, if one is cut off another grows back in its place. Carbyne Fiber's unique security design ensures there is no one encrypted data location; If one geo-graphic site is subpoenaed or shutdown, it grows back instantly in another location around the world.
What we have built
We have built an end-to-end encrypted email and data 'two factor', splintered around the world solution. No encrypted data rests ever in the one jurisdiction. Instead, it sits encrypted and fragmented around the world, immune from government interference. Using techniques mastered over the past 10 years writing fragmented encrypted data simultaneously to over 10 secure locations under around the world never in the one country. When you access your encrypted data it’s a bit like a private bittorent - your data is pieced backed together and presented back to you. If a geo-location is unstable we simply move it without disruption and without your encrypted data falling into anyone's hands. Even when the data is put back together and presented back to you, the location head site rotates, to ensure no central country weak spot. There is no metadata, we have developed a method of stripping all metadata from your emails
The inventors are professional hackers and security experts. We design secure solutions that we would use ourselves. We use Multi Vendor Defense in Depth Firewalls/Anti Virus/IPS and HSM appliances and perform penetration tests around the clock. We are a headless organization, like 'Hydra the mythical creature' to prevent unnecessary attention. We monitor the solution 24 X 7 in our own SOC.
This solution is for serious security minded customers, there are plenty of free Hushmail and Scandinavian offshore solutions. We have studied and used the Hushmails, Lavabits solutions and others like it in the U.S, Switzerland, Norway and Sweden which we applaud. However, when we got together as a united group, the question we were all asking was, "Where would we store our data?"
The astounding answer was, a computer without a network card and sitting in the centre of a room".
Security will always come first before ease of use, commercialization and network speed. Many encrypted email providers give you the precise software, algorithms and keys used in a solution to make you feel at ease. We believe though 'in security by obscurity'. By providing too much information, hackers and government agencies have a better understanding of the technologies used and how to break them. The security appliances and algorithms (U.S, Russian Chinese and French), we use, are far greater than that of any government’s requirements for their agencies.
We don’t do penetration tests once a year for a compliance tick in the box. We perform these tests on our systems around the clock. When one cycle has finished we begin another, with over 20 penetration tests done annually. All our systems are monitored 24X7 by us, no external groups, no 3rd party access. Some of our security frameworks and principles are outlined below;
Dedicated and owned by us.
All Metadata stripped using unseen techniques.
Multi-tiered, multi-vendor firewalls and routing
Multi-vendor Anti-Virus, Anti-Spam
Multi-vendor Intrusion Prevention systems
Multi-vendor Host based Detection
HSM tamper proof Key Management
Denial of Service Protection
Physical monitoring of the equipment in caged environments
Tempest Acoustic Cryptanalysis protection
PKI splintered Infrastructure with more than 5 Key Custodians
Security Cleared Staff who are equal company shareholders
No Data is ever in one country, no entire one location backups. Fragments are backed up only.
Anonymous email accounts without user verification. similar to numbered Swiss bank accounts.
All products require a hardware token/device before you can even see the website;. it is not accessible to anyone without it. This keeps out the 'masses' from brute forcing user/password combinations and 'one-time' passwords.
The Cautious - For the cautious user. 'The Cautious' © was designed by Security Experts, Hackers and ex government security architects and is the first of its kind in the world. We send you a Secure Clientless USB key that holds your private certificate to securely access the website after you enter in your secure pin. No one from the public can access the site without it. From there you can send and receive email encrypted emails.
The Paranoid - For the paranoid user. 'The Paranoid' © was designed for the Paranoid who doesn’t even trust their own computer. There could be key loggers, malware, or the NSA has accessed your BIOS. We send you a Hardware encrypted 'Iron Key Windows to go device' preloaded with a locked version of Windows which you 'boot-up-off'. Your private certificate is also installed. You type in your passphrase and you can access the services as above in 'The Cautious ©'. All of your data is encrypted end-to-end and fragmented around the world; Great for people that still want a Windows operating system.
The Tin Foil - For the Tin foil hat user. 'The Tin Foil' © was designed for the 'Tin Foil hat wearer' who don’t even trust their own computer, who doesn’t even trust Microsoft and doesn’t even trust their input device, i.e. because of hardware key loggers. There could be key loggers, malware, or the NSA have accessed your BIOS or 'back-doored' Windows 8. We send you a Hardware encrypted Linux bootable USB token with its own 'external pin coder keyboard' preloaded with a secure open source Linux distro which you 'boot-up-off'. Your private certificate is also installed. You type in your passphrase and you access the services as above in 'The Cautious ©' All your data is encrypted end-to end and fragmented around the world. The Tin Foil is for Linux users.
The Snowden - For the ultimate security. 'The Snowden' © was designed for the Ultimate Shadow. We use the Tin Foil concept with a twist. There is no public access. Using the USB Linux Hardware encryption key which you 'boot-up-off', you VPN in to our facilities with 3 factor authentication, segregated from our other secure products. No servers are publicly available and you use our splintered private networks for email and data storage.
There have been new encrypted email solutions popping up since the Edward Snowden releases such as DarkMail, ProtonMail, Lavabit and Hushmail. There are also some companies moving offshore to Scandinavia where there is no PRISM or tapping programs. We love these businesses. However they are still susceptible to internal subpoenas or U.S pressure to hand over the encryption keys. They all lack one thing; security from end-to-end and data resting in one location. We have split our Headquarters, Payment gateways, Company registration and Domain names to prevent any shutdowns.
We have privately funded over 10 private locations for the splintered data around the world. This includes; dedicated servers, racks, cooling, security appliances, SIEM and SOC costs. We want to now purchase in bulk hardware encryption devices like 'IronKey' and 'PKI' tokens to reduce unit costs and speed up postage time to launch the products.
For More Details
Risks and challenges
There are no risks or challenges; we have already built 10 of these locations its now just a matter of helping us pre purchase these encryption devices.
We know a lot of end-to-end to email encryption companies will come and go. We are here for the long haul and have factored in Payment pressure (Paypal V Proton Mail) and Government interference (NSA V Lavabit), for the long haul. Each company shareholder is an independent cell. If a cell gets shuts down the other cells continue on including continued 'shutdown cells funding'.Learn about accountability on Kickstarter
- (34 days)