Security and listening to your customers. (c) chuston

App Reviews
Video Reviews
EN
- English
- Deutsch
- Français
- Español
- Italiano
- 汉语
- 日本語
- Українська
- Русский
- Português
- Polski
- Nederlands
- 한국의
- Türk

Security and listening to your customers.

First, Bloom is either ignorant of the difficulty and cost of securing user data or insincere in their commitment to do it. Second, they’re ignoring the serious and legitimate concerns of their user base - there is no acknowledgement on their “top requested features” and support site that their user base is incensed over the DayOne Sync service.

Online security is hard. I’ve done security projects for banks and wire transfer companies. The sophistication of attacks is staggering. The notion that Bloom is going to provide a FREE sync service that is secure is pure fiction. It takes full time staff - expensive staff with expensive intrusion detection systems - at a minimum. The costs just keep rising from there. Apple and DropBox have EVERY reason to spend mountains of money on security. Bloom doesn’t have the money to spend and the business incentives are purely about marketing optics.

The notion that “public key encryption” might be added at some later date is silly on two fronts: 1) it isnt there now leaving all current user data vulnerable and 2) private key management is the weakness of Bloom’s encryption plans. Bloom wants to provide web access to your journal - which means Bloom has must have access to the private keys - which means hackers can have access to the private keys and it’s all for naught. Yes, you can use a password to obsfucate the private key but now you’re playing a game with the customers: pretending your providing “public key encryption” when really your still dealing with passwords.

All Bloom could really claim is that they’ve made it more difficult for a hacker to steal ALL of the journals at once. It wouldn’t do much to protect an YOUR individual journal unless only you have the keys. But if only you have the keys, the web access to the journal is impractical and again it’s all for naught.

Time to find some other journaling tool. This time, I’ll need one that uses some kind of open format - since it seems any given tool is only good for a few years either because of platform changes, company longevity or unsavory decision making as displayed by Bloom.

chuston about Day One

App Reviews
Video Reviews

AAA Slotscenter World Gambler Slots Game - FREE Slots Machine
Map Reading And Land Navigation!
ごぼう抜き！
Cedarglen Living NB
Covenant Grace Church

Site powered by Softwario. [ Create free website for mobile app ]
Contact us: [email protected] Abuse: [email protected]