A Welcome Note from Founder

on October 10, 2018 - featured

Welcome to EPRIVO Private Email!

I am super excited to introduce EPRIVO, finally. EPRIVO is a BlueRISC brand and is the company’s first product in the consumer space that we worked on for several years. It brings user-friendly solutions to meet consumers’ privacy needs in the cloud. Email privacy is our top priority at this point but we have efforts ongoing that are complementary.

It is extremely difficult to make and keep emails private.  Conventional emails are stored by multiple providers in the cloud as part of the delivery protocol and are also controlled ultimately by the recipients. Monetization by vendors drives for data-mining in the cloud, etc. Cyber threats, insiders, consumers’ (senders and recipients) security habits, and hidden software vulnerabilities add further to this list.

The EPRIVO solution provides the following unique benefits: Read more

Why shall most email information be thought of as sensitive?

on November 26, 2018

Many people believe that their digital content is not so sensitive and therefore their privacy is not a concern to them. Here is why that is wrong thinking.

It is simply hard to judge what is sensitive. You can lose your digital content anytime and your content may even become more sensitive over time. There are multiple points of vulnerabilities, most of which are outside your control. Your emails remain in the cloud and in the recipients’ devices, potentially forever, after being sent. Your content may be leaked anytime and anywhere along the paths an email takes, even in the future or even at your recipients.  That can happen because of weak passwords on email accounts or because of a break-in at one of the servers that store your content, or a compromise can occur at any of your recipients’ providers or their devices get hacked, to name a few reasons.

We would argue that one does not know what content deserves confidentiality, and content that is not sensitive today may become sensitive in the future. All your emails are better kept confidential and you shall retain control over them forever, just to be safe, ideally. Here is why in a bit more detail:

Read more

Best Practices Series: Social Engineering & Phishing Attacks. How Is EPRIVO Emailing Made Resilient?

on November 10, 2018

Social engineering is a commonly used attack vector against unassuming users that does not require any sophisticated technology. It is worth knowing how to recognize these attack attempts, and avoid falling victim to criminals aiming to gain access to one’s computer or device, and/or online accounts. Typical phishing attacks are malicious emails masquerading as something important/useful. Such emails can be in the form of a request from someone important at work, from your bank, school, doctor, lawyer, friend or relative, etc. In these emails attackers typically ask for passwords, for sensitive information to update accounts online, or ask you to pay some fees after accessing a fake website that looks similar to the actual one they imitate. In summary, these kinds of attackers may use one or more of the following tactics.

Read more

Best Practices Series: Sender-Controlled Privacy – Protection in the Cloud and Recipient’s Devices.

on November 2, 2018

How are the sender-controlled privacy features used? EPRIVO includes special privacy features that can be associated with each EPRIVO email we send. The availability of features depends on the type of subscription, but here we will discuss them in general. Importantly, these features are above the baseline privacy of email content that is always present in the cloud as well as in the sender/recipient devices.
Read more

Physical & Digital Security

on October 24, 2018

Emails are extremely vulnerable to privacy violations during their lifetime. Firstly, emails are often archived for many years as users accumulate a large number of emails that are spread in the cloud. Also, security breaches, service provider insiders, deliberate data mining, implementation vulnerabilities, and weak user passwords, are among the factors that lead to most people’s emails being compromised at some point in time. In addition to the vulnerabilities related to senders and related providers, the privacy of an email, as soon as it is sent, depends on the recipient’s providers in the cloud, and on the recipient’s devices and security habits. The recent vulnerability discovered on SSL, the digital security layer of web servers, called HeartBleed, further highlights the challenges faced.

Is it even possible to attain email privacy? The EPRIVO email privacy service combines government-grade digital security (e.g., AES-256 encryption) with the idea of physical security or separation implemented in the cloud. Read more

Threats to Email Privacy are Socio-Technological

on October 12, 2018

First what is Privacy and what factors affect Email Privacy? Wikipedia defines it as “Privacy (from Latin: privatus) is the ability of an individual or group to seclude themselves, or information about themselves, and thereby express themselves selectively”. Privacy has a technical aspect as well as a socio-economic one, and threats to privacy can come from either of these factors. Email privacy is vulnerable to both kinds of threat.

Socio-economic factors are often driven by societal factors that include monetization needs, politics, power, culture, political systems or religions. Although these things are sometimes simply part of life, they can nonetheless be defined in terms of privacy or in terms and conditions agreements between parties. For example, free services often utilize the information of a user as part of a monetization scheme such as targeted advertisements, asking users to agree to their terms. In short, privacy in this socio-economical context may be vulnerable to:
Read more