When you use a web application, you leave your data at the mercy of the company who runs it. Usually, this isn’t a problem, but not always. Last week, the web-based help desk application Zendesk was hacked, potentially exposing data from users of Twitter, Tumblr and Twitter, which all use the application for customer support.
Part of the problem is that a web app gathers so many eggs in one basket. If someone hacks a service provider, it can affect many different people.
But if each user’s information was encrypted so that only that user could see it — locking out even the service provider — then we could reduce the risk of putting our data in these centralized web services. That’s the aim of Crypton, a new open source project that hopes to make it easier for app developers to add this type of encryption to their applications.