We are a group of Penetration testing companies and security experts who design government systems around the world and attempt to break into others. "Yes," we designed systems with government taps. Why did we come together to do this? Edward Snowden and Julian Assange had the courage to risk their liberty to come out into the public and release information about the American Government PRISM program and other ally secrets. We knew then it was time to get together and build an online solution they we would use; with our expertise, defence in-depth, government experience and internal telecommunications knowledge; 'To use our skills for good, not evil this time around.' It is in their legacy we built a robust system, with end-to-end encryption ,not just off U.S shore, but scattered around the world in tiny encrypted fragments. We have four initial products to choose from according to your 'security' requirements and 'paranoia' levels.
The company's name originates from Carbyne - the strongest substance on earth and 'Fiber' represents optical fibre. The company’s logo represents the 'PRISM program'. Hydra is a Greek mythical creature with multiple heads, if one is cut off another grows back in its place. Carbyne Fiber's unique security design ensures there is no one encrypted data location; If one geo-graphic site is subpoenaed or shutdown, it grows back instantly in another location around the world.
What we have built
We have built an end-to-end encrypted email and data 'two factor', splintered around the world solution. No encrypted data rests ever in the one jurisdiction. Instead, it sits encrypted and fragmented around the world, immune from government interference. Using techniques mastered over the past 10 years writing fragmented encrypted data simultaneously to over 10 secure locations under around the world never in the one country. When you access your encrypted data it’s a bit like a private bittorent - your data is pieced backed together and presented back to you. If a geo-location is unstable we simply move it without disruption and without your encrypted data falling into anyone's hands. Even when the data is put back together and presented back to you, the location head site rotates, to ensure no central country weak spot. There is no metadata, we have developed a method of stripping all metadata from your emails
The inventors are professional hackers and security experts. We design secure solutions that we would use ourselves. We use Multi Vendor Defense in Depth Firewalls/Anti Virus/IPS and HSM appliances and perform penetration tests around the clock. We are a headless organization, like 'Hydra the mythical creature' to prevent unnecessary attention. We monitor the solution 24 X 7 in our own SOC.
This solution is for serious security minded customers, there are plenty of free Hushmail and Scandinavian offshore solutions. We have studied and used the Hushmails, Lavabits solutions and others like it in the U.S, Switzerland, Norway and Sweden which we applaud. However, when we got together as a united group, the question we were all asking was, "Where would we store our data?"
The astounding answer was, a computer without a network card and sitting in the centre of a room".
Security will always come first before ease of use, commercialization and network speed. Many encrypted email providers give you the precise software, algorithms and keys used in a solution to make you feel at ease. We believe though 'in security by obscurity'. By providing too much information, hackers and government agencies have a better understanding of the technologies used and how to break them. The security appliances and algorithms (U.S, Russian Chinese and French), we use, are far greater than that of any government’s requirements for their agencies.
We don’t do penetration tests once a year for a compliance tick in the box. We perform these tests on our systems around the clock. When one cycle has finished we begin another, with over 20 penetration tests done annually. All our systems are monitored 24X7 by us, no external groups, no 3rd party access. Some of our security frameworks and principles are outlined below;
Dedicated and owned by us.
All Metadata stripped using unseen techniques.
Multi-tiered, multi-vendor firewalls and routing
Multi-vendor Anti-Virus, Anti-Spam
Multi-vendor Intrusion Prevention systems
Multi-vendor Host based Detection
HSM tamper proof Key Management
Denial of Service Protection
Physical monitoring of the equipment in caged environments
Tempest Acoustic Cryptanalysis protection
PKI splintered Infrastructure with more than 5 Key Custodians
Security Cleared Staff who are equal company shareholders
No Data is ever in one country, no entire one location backups. Fragments are backed up only.
Anonymous email accounts without user verification. similar to numbered Swiss bank accounts.
All products require a hardware token/device before you can even see the website;. it is not accessible to anyone without it. This keeps out the 'masses' from brute forcing user/password combinations and 'one-time' passwords.
There have been new encrypted email solutions popping up since the Edward Snowden releases such as DarkMail, ProtonMail, Lavabit and Hushmail. There are also some companies moving offshore to Scandinavia where there is no PRISM or tapping programs. We love these businesses. However they are still susceptible to internal subpoenas or U.S pressure to hand over the encryption keys. They all lack one thing; security from end-to-end and data resting in one location. We have split our Headquarters, Payment gateways, Company registration and Domain names to prevent any shutdowns.
We have privately funded over 10 private locations for the splintered data around the world. This includes; dedicated servers, racks, cooling, security appliances, SIEM and SOC costs. We want to now purchase in bulk hardware encryption devices like 'IronKey' and 'PKI' tokens to reduce unit costs and speed up postage time to launch the products.
There are no risks or challenges; we have already built 10 of these locations its now just a matter of helping us pre purchase these encryption devices.
We know a lot of end-to-end to email encryption companies will come and go. We are here for the long haul and have factored in Payment pressure (Paypal V Proton Mail) and Government interference (NSA V Lavabit), for the long haul. Each company shareholder is an independent cell. If a cell gets shuts down the other cells continue on including continued 'shutdown cells funding'.
Registration and shipping for "The Tin Foil" product and free email access for one year. Encrypted email end-to-end, 'two factor authentication' and splintered data around the world. Normally $300 Registration and $150 per annum. The Linux USB drive is yours to keep.
The Paranoid - Registration and shipping for "The Paranoid" product and free email access for one year. Encrypted email end-to end, 'two factor authentication' and splintered data around the world. Normally $300 Registration and $150 per annum, yours free. The 'IronKey with Windows 8' is yours to keep.