ZeroDB has kicked off the new question for all networked software:
Is It End-To-End Encrypted?, with a resounding YES!
From ZeroDB, an end-to-end encrypted database, is open source!:
We’re excited to release ZeroDB, an end-to-end encrypted database, to the world. ZeroDB makes it easy to develop applications with strong security and privacy guarantees by enabling applications to query encrypted data.
zerodb repo: https://github.com/zero-db/zerodb/
zerodb-server repo: https://github.com/zero-db/zerodb-server/
Documentation: http://docs.zerodb.io/Now that it’s open source, we want your help to make it better. Try it, build awesome things with it, break it. Then tell us about it.
Today, we’re releasing a Python implementation. A JavaScript client will be following soon.
Questions? Ask us on Slack or Google Groups.
The post was authored by MacLane & Michael and you can find more information at http://zerodb.io.
PS: The question Is It End-To-End Encrypted? is a yes or no question. If anyone gives you an answer other than an unqualified yes, it’s time to move along to the next vendor. Sometimes, under some circumstances, maybe, added feature, can be, etc., are all unacceptable answers.
Just like the question: Does it have any backdoors at all? What purpose the backdoor serves isn’t relevant. That a backdoor exists is also the time at which to move to another vendor.
The answers to both of those questions should be captured in contractual language with stipulated liability in the event of breach and minimal stipulated damages.
I first saw this in Four short links: 8 December 2015 by Nat Torkington.