No Hidden Back Doors in SafeHouse

January 16, 2008 22:06 by pavritch

Every now and then a prospective customer asks me if SafeHouse contains any secret or hidden back doors that might allow us as the publisher, or worse, law enforcement, to somehow gain access to files encrypted with SafeHouse.

Answer: Absolutely no way never!

What's interesting is that some people would rather we actually had some special way in so that if they lost their password we might have some way to help them. But that would create all kinds of problems -- make that nightmares. How could we ever know who is the rightful owner of the data?

If you're worried about losing your password, you should consider purchasing our Professional Edition which has some methods for you to reset the password yourself based on entering your own personally-chosen administrator password. This administrator password must be established before you start using the product. You can find videos on how all this works here.

SafeHouse is designed such that we have no way at all to assist you, law enforcement or anyone else recover a password under any circumstances. This is why our product is so secure and why people choose it over some of our competitors.

Do we ever get calls from law enforcement? Yes, we do. And yes, I would take that to mean that some not-so-fine citizens have decided to use SafeHouse to encrypt things that aren't on the up and up. But the answer is always the same: There is nothing I can do to help.

Something more realistic:

The majority of our revenue comes from large corporate licenses. These companies use SafeHouse to safeguard a variety of things from financial projections to topical maps of where to drill for oil. And because they're big companies with deep pockets, they often find themselves involved in legal matters in the standard course of business. Here, I'm talking about routine legal disputes; not illegal activities.

What's important to these large customers is that there is absolutely no hidden way in to SafeHouse. If there was, you can imagine that I'd be slapped with a subpoena every now and then from oposing parties in any of their private legal matters. And since I don't have millions of dollars to put up a legal fight, I'd be in a very awkward position. What if it were the Feds asking me to help them get in using a Patriot Act subpoena? If I didn't comply immediately, I'd be a terrorist.

The bottom line is that companies and individuals using SafeHouse to protect important files want the sole and exclusive right to determine when and if they might disclose that information to another party. Just because somebody sends you a subpoena doesn't necessarily mean they're entitled to the information. A case in point is when Google fought off a Federal Government subpoena about a year ago when the Feds demanded they hand over histories of how people search.

Since SafeHouse has no way in, anybody using it can know with absolute certainty that they are 100% in charge of when that data is disclosed. I cannot be threatened with subpoenas, jail, violence or even bribed with huge amounts of cash.

No way in means no way in.


Add comment


[b][/b] - [i][/i] - [u][/u]- [quote][/quote]