After an incredibly productive nordic summer, we're back with some amazing updates to Cryptee! We have a lot to cover, so let's dive right in.
TOTP MULTI-FACTOR AUTH
We know that many of you have been eagerly waiting for this moment. You can now add time-based one-time password multi-factor authentication (TOTP MFA) to your Cryptee accounts. (+additional methods coming soon) So after reading this blog post, grab a cup of coffee, fire up your authenticator devices and head over to your login & security settings page to set up TOTP MFA for your Cryptee account.
With that, while updating and improving our login page, we decided to redesign it as well. Starting today, you will be presented with a new even more beautiful login page which can adapt and accommodate different multi-factor authentication methods.
Here's what it looks like without TOTP multi-factor authentication :
And here's what it looks like with TOTP multi-factor authentication :
Finally, you will of course be presented with recovery codes just in case if you lose your TOTP device. Our setup will guide you step-by-step to help you get started and stay even safer on Cryptee.
More on 2FA, TOTP, WebAuthn at the end of the blog post.
Up next is Cryptee Photos.
CRYPTEE PHOTOS NOW SUPPORTS RAW PHOTOS FROM LEICA & HASSELBLAD CAMERAS, TIFF, DNG, 3FR, FFF, WEBP FILES AND MORE.
Many professional photo-journalists using Leica and photographers using Hasselblad cameras have been asking us to add Cryptee support for their cameras' native RAW photo formats, so that they could store their RAW photos alongside the JPG images side by side, in their Cryptee Photos gallery.
We're happy to announce that you can now upload Leica DNG, Hasselblad 3FR & FFF files, as well as TIFF and WEBP images straight to Cryptee Photos, and store them alongside and together with your JPG images. Here's an example where you can see how Leica RAW photos have a little red ( L ) RAW sign on them.
What's more is, Cryptee Photos can automatically extract the preview images from the RAW files during the encryption & upload phase, generate different sized thumbnails for you, and do it all on your device, in the browser / inside cryptee's progressive web app.
This was a monumental engineering task for the team. Un-encrypted storage services can easily generate thumbnails for your photos (and extract preview images from your RAW photos) on their servers. They can do this easily precisely because your photos are not encrypted and their servers and staff members can see your photos.
With Cryptee, all your photos are encrypted on your device, which means the entire process of generating different-sized thumbnails and preview images need to happen on your device, before both the photos and thumbnails can get encrypted on your device. Which meant that we had to ship support for all these complex imaging formats, and make it so that Cryptee can extract and generate thumbnails just from your RAW files, all inside your browser / in our progressive web app.
In particular, Hasselblad medium-format cameras shoot extremely large photo files, some of which could reach 400-500mb. So working with files this large meant making Cryptee Photos even more memory efficient as well.
In addition, for RAW photos only (such as DNG, TIFF, 3FR, FFF etc) Cryptee Photos now stores more EXIF information, such as the aperture, ISO, lens and camera info, and these are displayed in the corner when viewing your photos. So for example, here's a photo shot on a Leica M11 with a 35mm lens, and 1250 ISO.
Finally, you can now upload WEBP images both to Cryptee Photos and Docs. So if you like collecting / collaging photos from the web, you can use Cryptee for that as well.
We are working with other camera vendors to add support for their RAW formats as well. So if you have a Canon, Nikon or Sony camera, stay tuned for updates in the near future. Some camera manufacturers (like the aforementioned ones) use proprietary file formats, and since Cryptee is completely open-source, we need their legal permissions to be able to work with and support these formats in an open-source app.
So if you have a camera that shoots DNG, 3FR, FFF or you wish to upload TIFF files, you can start using Cryptee right away regardless of the camera manufacturer. Otherwise, you'll have to wait a bit longer for our legal team to deal with the paperwork.
With these amazing new features out of the way, let's talk about some improvements we had to make to all this possible.
2X MORE MEMORY EFFICIENT & FASTER UPLOADS
To be able to support processing, encrypting and uploading such large photos, we had to improve our entire encryption and upload pipeline. From apps to the servers. All uploads, especially on lower power devices should now be much faster, and use up to 2x less memory for larger photos.
WORKING WITH FAVORITE PHOTOS IS NOW EASIER
Many professional photographers shoot hundreds of photos, but heart/favorite only a few of their photos to edit. We made it so that in the album view you can now easily see which of your photos are favorites with a small heart icon on the bottom right corner of the photos. Here's what that looks like with these Leica M11 RAW photos.
Oh and we made it so that your favorite photos album now loads in a reverse-chronological order to make it even quicker to find your favorite photos.
Now back to multi-factor authentication. Let's talk nerdy for a bit.
What took us so long to add TOTP / 2FA / MFA
We wanted to take our time to do it right. Security is hard. Really, really hard. Making a major change to the login system / main-gates of a platform like Cryptee —a platform which is used by activists, peace-workers, reporters, journalists, victims and survivors abuse, etc— is even harder.
Logging in to Cryptee is already a difficult process. You need to have a username/email + password + encryption key. And we knew that adding yet another step to this process was going to make things even further difficult for the non-tech-savvy users of our platform out there.
So we thought it's wiser to keep an eye out on emerging new technologies like FIDO2, WebAuthn and passkeys which are slowly being standardized by big tech. We hoped to be able to substitute or reduce reliance on the traditional and now-aging, username + password and we wanted to simplify the login experience, and not make it even more difficult by adding yet another technical security step.
While we've been monitoring the improvements by big-tech companies that manufacture our phones, computers and operating systems, we realized how slow and unreliable their multi-factor implementations were. Here's an example:
In 2019, Apple announced support for FIDO2 hardware 2FA support in iOS 13.3beta, which would theoretically allow the use of hardware keys like Yubikey. Apple being the last company to add support for FIDO2, we thought a complete support for FIDO & WebAuthn would roll out right away and we could add support for yubikeys in a month or two. We were excited.
Fast forward, sadly —unbelievably— despite Apple announcing support for these technologies 4 years ago, still to this day in September 2023, they are not fully supported in iOS 16. As it stands, FIDO/WebAuthn on iOS has tons of bugs, and it's still not completely ready yet.
If you visit their bug tracker here, you can see that there are still many outstanding issues with FIDO2 & WebAuthn support and that iOS itself is not fully ready to support FIDO hardware at scale– i.e. bluetooth authenticators for iOS devices that don't support NFC)
Being the security-first company we are, and operating at the scale we do, we wanted to wait and bring only the best possible security enhancing technology, and do so when it's the right time. Since 2019, Cryptee's userbase has grown significantly and exponentially, and we realized that we should no longer wait for big tech.
OTHER IMPROVEMENTS & BUG FIXES
This update is also packed with thousands of small improvements and bug-fixes in all our apps and services. It's simply too many to list, but here are the major highlights :
— Improved offline mode / re-connection detection. (It's much better now. we promise.)
— Fixed some bugs when uploading large photos to Cryptee Photos
— Fixed Cryptee Photos displaying duplicate content on some devices
— Smoother scrolling for Cryptee Photos, which also uses less mobile-data when scrolling quickly and doesn't download & decrypt too many thumbnails.
— Cryptee Photos generates thumbnails for photos larger than 10,000px wide more efficiently on low power devices now, and can intentionally slow down uploads to better manage the available memory.
— Our servers are a little bit faster. You will likely notice the difference. Especially for the next item :
— Authentication / login / start-up times are now a little bit faster for both Cryptee Docs and Photos.
— Fixed some bugs with focus mode in Cryptee Docs.
— Fixed some bugs with pdf / paper-mode in Cryptee Docs. (We're still working on fixing a few more, and hope to have more fixes out in the next update. Moral of the story, use less paper folks.)
— We've added more error messages
— PDF viewer menu-bar now has a few more buttons for needy and demanding PDFs.
— Sexy QR code for multi-factor-authentication. We think many other companies will get jealous and copy our style. (not exactly a fix or an improvement but had to mention. we think it's so cool, because you can now store your QR code as JPG somewhere in a thumb drive if you want and know that it belongs to Cryptee easily with the logo and everything)
— If you use a Leica Monochrom camera, Cryptee can automatically detect it and give you a big warm monochrome hug. (because we love our Leicas and B&W photography as much as you do.)
We would like to thank you for all your enthusiasm, help, understanding and kind paid support! All these amazing new features (and what's coming up on the horizon) wouldn't be possible without you, your feedback and bug reports. If you're enjoying your experience on Cryptee, please consider supporting us by upgrading to a paid plan or by spreading the word.
We hope you enjoy this update as much as we do, and we will be looking forward to hearing your thoughts, ideas, feature requests, bug reports and what you think about our new features overall!
Stay safe, and all the very best from Northern Europe,
On behalf of Team Cryptee,