Hacker News new | past | comments | ask | show | jobs | submit login

It's secure multiparty computation, specifically tailored for spreadsheets: your secret inputs never get out of your computer in plaintext form, only in encrypted form between the participants of the computation. For the moment, it's closed-source: but it'll be gradually open-sourced in the future, just give it some time.



Sorry, but if I had data so sensitive that even my business partners cannot see it, I wouldn't certainly input this data into a closed source application provided by an anonymous third-party. This is data security 101.


"Cutting-edge cryptography: Benefit from the latest advances in cryptography research with our Patent-pending technology" as your website says, is a scary statement. If you're not using well vetted cryptography, that's a huge red flag. The Harry Potter quote sums it up best:

“Ginny!" said Mr. Weasley, flabbergasted. "Haven't I taught you anything? What have I always told you? Never trust anything that can think for itself if you can't see where it keeps its brain!”

As relatively security-literate users of an app where we'd be putting personally identifiable information or other details we don't want getting out, it stands to reason we want to see a history of commits on an open source project and a history of security audits and preferably be able to refer to RFC's for the algorithms and protocols used.

Unless you guys open source and publish audit details, it's not worth my time to consider this product. No disrespect meant, it's just common sense.


You can read more details about the algorithms/protocols here: https://www.calctopia.com/2017/02/01/on-the-security-model/

I don't agree with the statement "because is open-source is more secure"; for example, OpenSSL has been open-source for almost 20 years and it's difficult to consider it really secure. Only code reviews by experts make software more secure.

BTW: quoting Harry Potter doesn't make you look serious.


I didn't say open sourcing the code was the only important thing.

And I don't give a rat's ass about looking serious :)


I've heard that before.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: