Wednesday, April 8, 2009

WebNerd Alert: Legacy Locker...Keeping your InterWeb pRon Collection Safe for Generations

Well, not really (re: the title of this post). But nevertheless, this is the type of service that'll probably become more and more popular as the generations that have grown up with the InterWeb get older.

Legacy Locker allows you to pass along your usernames/passwords for all your online accounts in the event that you die or are disabled. So it's not so much as a repository of archived pRon (which is probably what I'd really need) but a place to store your usernames/passwords and people you would want to have them. This begs the question: Who is YOUR e-beneficiary?

Would you want your wife/husband, parent, brother, sister, child having access to all of your email accounts? This service implies an interesting proposition of what people have in their online accounts and just how much of it they'd want to have "die" when they die.

Nevertheless, I think this is a useful service that I am NOT going to jinx myself by trying. I've told people all along to destroy/incinerate my computers whenever I drop dead. Lord knows I don't need anybody seeing all the foolishness I've got stored on those things.

8 comments:

Bob Stewart said...

VitalLock is another coming service that serves this market but goes a step further by encrypting your information so only your beneficiaries can open or view. http://VitalLock.com

miKeSee said...

Hey Bob, thanks for the comment. Legacy Locker does encrypt...

https://www.legacylocker.com/features/security

It would be pretty useless to offer a service like this that does not encrypt your information.

Bob Stewart said...

The difference is, the folks at LL can decrypt and view your data, with VitalLock that is impossible.

miKeSee said...

Interesting. Why would LL need to decrypt and view my data? Knowing this would make me very apprehensive about signing up.

But I'd also argue that any party that has the ability to encrypt your data also has the ability (as the encrypter) to decrypt if given the time and resources.

Bob Stewart said...

I'm not suggesting that they would want to but they can, and should they be compelled to, would provide your unencrypted information. Our solution makes this scenario impossible as the encryption is done on your system before any data is sent to our system ensuring that even if compelled to provide your data, which we also would do, we can only provide uselessly encrypted information.

miKeSee said...

I see your point. But isn't there a big risk when encrypting on the client side because of the potential threat of malicious software on the user's machine?

Bob Stewart said...

First, thanks for the good dialogue! Though your right that malware is a concern, we have have done all we can to have mitigated that risk by making our client side app be a https delivered digitally signed Adobe AIR application. This AIR app only works after you have both logged in and entered your passphrase and it handles all of the encryption and decryption locally.

miKeSee said...

No prob (re: dialogue).

I'm not familiar enough with AIR to know whether or not that could be a potential breach point but from your description is sounds like risk involved with the process by which encryption takes place on the client side is going to be seriously mitigated. I was actually shocked to hear that encryption takes place on the client side (hence my comment above) but between the secure connection and an access-controlled application interface on the client side it sounds like the potential risk for data theft is limited. Good stuff.