Hi Oded,
It was an off-the-cuff remark about the use of the phrase "PRISM-proof".
That's akin to the phrase "unbreakable encryption", a phrase most
cryptographers will say is not a reality/possible[0].
The snake oil comment was more about potential future products coming to
market claiming to be "PRISM-proof" as well, and that wasn't directed at
your product or company directly. My concern is about companies or
individuals capitalizing on such phrases like "***-proof" and putting their
customers at risk because the customer may trust the product a little more
than they should.
Personally, I would have been fine if you said "PRISM resistant" or you've
"developed a product to resist threats such as NSA and their PRISM program".
With all that being said, I'm happy and excited that you're putting forth
technologies that could potentially resist NSA attacks and I appreciate
your efforts in that matter.
I've CC'd the list on the chance others interpreted my curt, snarky reply
the same way.
[0]: With the exception of one-time pads, of course ;-)
On Tue, Oct 29, 2013 at 2:24 PM, Oded Horovitz <oded@xxxxxxxxxxxxxxx> wrote:
Justin,
If you are interested to hear more about our architecture and why it is
nothing but snake oil, I would be happy to spend my time over a short call,
and explain what we have built, and how and what it can defend against.
At the least you would have an informed opinion ;)
In regards to you comments that is linked in this article:
http://blogs.computerworld.com/security/23036/prism-proof-solution-public-cloud-security-salvation-or-snake-oil
Best regards,
Oded Horovitz
Co-founder, PrivateCore.