"Given the sensitive nature of what Dekoda is analyzing, Kohler says it designed Dekoda and the accompanying Kohler Health app "with privacy-first features" including so-called end-to-end encryption (E2EE). But according to freelance journalist, software engineer, privacy expert, and former Federal Trade Commission technology advisor Simon Fondrie-Teitler, Kohler is misusing the term "E2EE". Writing in the premiere post of his /var/log/simon blog, Fondrie-Teitler dug into Dekoda's use of the term E2EE and its treatment of user data."
"According to the blog post and our review of Kohler's privacy policy, user data is encrypted "at rest, when it's stored on your mobile phone, toilet attachment, and on our systems," as well as in transit. That said, Kohler has access to user data, meaning its version of E2EE "is simply HTTPS encryption between the app and the server, something that has been basic security practice for two decades now, plus encrypti"
Dekoda attaches to existing toilets and uses a downward-facing camera to analyze human waste for gut health, hydration, and the presence of blood. Kohler promotes privacy-first features and claims end-to-end encryption for the Dekoda device and the Kohler Health app. A privacy expert examined Dekoda's E2EE claim and found that Kohler's implementation allows the company access to user data. User data is encrypted at rest and in transit, but Kohler retains the ability to decrypt and view stored information. The marketed E2EE resembles standard HTTPS between app and server rather than true end-to-end encryption.
Read at Theregister
Unable to calculate read time
Collection
[
|
...
]