Seriously, Stop Using RSA

This page summarizes the projects mentioned and recommended in the original post on news.ycombinator.com

  • envkey

    Simple, end-to-end encrypted configuration and secrets management

  • EnvKey[1] moved from OpenPGP(RSA) to NaCl for its v2, which recently launched.

    It’s causing a difficult migration for our v1 users. Moving to a new encryption scheme is not fun for a product with client-side end-to-end encryption.

    But within a year or so after releasing the v1, it seemed like the writing was on the wall for OpenPGP and RSA. I didn’t want to go down with a dying standard.

    NaCl is so much better. In spite of the migration headaches that will likely cost us some users, I’m very happy I made this decision. It’s so much faster, lighter, and more intuitive.

    It’s legitimately fun to work with, which I never thought I’d say about an encryption library after cutting my teeth on OpenPGP.

    1 - https://github.com/envkey/envkey

  • Vault

    A tool for secrets management, encryption as a service, and privileged access management

  • > I thought it was because there are at least a dozen ways to securely encrypt/decrypt data, most of which are audited.

    And yet people still implement on top of and leverage those lower-level libraries poorly.

    >Skimming their site they seem to offer some sort of encryption + service hosting?

    I believe they have a hosted SaaS solution now, but Vault is FOSS: https://github.com/hashicorp/vault

    >I don't see how this is much different than any of the other options out there.

    Vault manages your application-level encryption so you don't have to. That's a lot different than most of the options out there.

    >And not really an equivalent to using RSA as it looks to be tied to their hosting.

    It's not tied to their hosting. Spin it up on some VMs or a Kubernetes cluster.

    >I also tend to not trust for profit companies with things like this (esp. if it's closed source or I can't know what the servers actually run).

    It's open source and HashiCorp... That's like saying you don't trust Linux with things like this because of RedHat.

    >Has this service been audited?

    Yes.

    >Has it withstood against the US court system like veracrypt has multiple times?

    Yes.

    >Do their founders have any history that goes against good data security?

    How do you not know who HashiCorp is?

    >Your post sounds like an ad if I'm being honest.

    Nope, just a happy user.

  • age

    A simple, modern and secure encryption tool (and Go library) with small explicit keys, no config options, and UNIX-style composability.

  • I'm not familiar with NaCl, and websites that don't seem to have been updated in 7 years (version states 2016?) make me a little suspicious about the future viability of said projects. Perhaps it's not something that needs to be updated very frequently, but my knee-jerk reaction is that it looks abandoned, especially considering that they have an "upcoming features" section.

    What made you choose it? Could PGP/GPG with ed25519 keys not have been sufficient? What makes NaCl "fun to work with"? For me, fun to work with would be Age [1] or Ring [2] with an elegant and well-designed API. I'm also aware that the older something is, the more likely it has undergone peer review and security audits, unlike new Rust crypto libraries.

    [1]: https://github.com/FiloSottile/age
