Hacker Newsnew | past | comments | ask | show | jobs | submit | geekbeast's commentslogin

Redwood City has a lot of nice houses near the downtown for under $2M


It didn't when we were looking. We didn't see a single property come up on the downtown side of El Camino. We would have liked that, but we didn't see it. And also $2M would also not have been within the band we were looking for.


Like this? http://www.abc10.com/news/local/sacramento/modular-apartment...


Yes, like that, except I think you could make the process even more efficient. Make the modular units more "plug-n-play". Maybe even make them replaceable, so if an apartment is old and damaged, a new unit can relatively easily be swapped into its place and the old one recycled.


Kryptnostic | Redwood City, CA | ONSITE

We're helping individuals and organization safely leverage their data in the cloud by building products & services that make it possible to search encrypted data server side without access to plaintext or keys.

We're looking for an experienced front-end engineer with deep knowledge of HTML5/CSS and React.js. No crypto knowledge required and mobile experience a plus.

Submit a resume to jobs@kryptnostic.com to apply.


Registration is a request to https://api.kryptnostic.com, which gets an A:

https://www.ssllabs.com/ssltest/analyze.html?d=api.kryptnost...


We agree. RC4 must die.

Will post back once we have resolved the issue.


I noticed the change, thank you.


Yes, but there are some limitations when doing server side sharing of documents without a central trusted authority.

It's dangerous to accept shares from untrusted sources as it exposes you to attacks by malicious servers colluding or impersonating a user.

Without using Oblivious RAM you risk losing query privacy, when indexing documents that consist of one word repeated many times.


This is definitely an issue and has been for a few years now: http://community.embarcadero.com/index.php/blogs/entry/the-h...

One thing in our favor is that we're not using a lattice or ring-learning with errors approach, which is where the majority of the patents lie.

Our general IP strategy is to only use patents defensively, and make that technology available under open source licenses that allow unrestricted non-commercial use.

We're also making all of our SDKs Apache v2 so that its easy to integrate into other software stacks.


Which type of fully homomorphic encryption are you using?

Edit: Ah, found your patent: http://www.google.com/patents/US20130329883


We'll have a more readable write up available on ePrint, soon.


This.

If you aren't doing client-side encryption and keeping the keys private, the server has access one way or another.


From a practical perspective, yes. From a threat model perspective not really.


It protects from a bunch of lesser threats, like backups leaking keys, anyone hacking a front end box getting keys, needing to rotate keys when employees change, etc.


There's a third risk here.

3) Exploit programmatic access or side-channel attacks on the data.

If the server can decrypt the data and this is driven by code on the box, then you're in a DRM-like situation trying to hide data from a program that has legitimate access.

As you alluded to earlier protecting data at rest doesn't protecting during use.


Consider applying for YC's Fall 2025 batch! Applications are open till Aug 4

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: