Privacy improvement

Updates to context rating engine

Posted by Cam on October 26, 2021

While we’ve offered end-to-end encryption for quite some time, our contextual rating engine (the bit of code that “rates” websites/apps) would still send the sites you visit to our rating engine server using only common encryption (HTTPS). We didn’t persist any data from these requests other than 24 hours logs for troubleshooting, but this was a key area of improvement that we wanted to target, as a malicious actor (aka hacker) could infiltrate Truple’s backend services and view those requests.

Today we’re happy to announce that we’ve upgraded our contextual rating engine. Instead of sending the website/app details to our engine to be rated, we’ve designed a way for the Truple app to request to download specific chunks of our rating engine database and then assign the rating itself.

The Truple app now calculates a collision prone hash of the website/app you’re using. Using this hash, the Truple app can download a “chunk” of our contextual rating engine database. With this chunk, the Truple app is smart enough to rate the website/app on it’s own, without needing to send any other data to Truple’s servers. This is a big boost for privacy, as a malicious actor would only be able to see the collision prone hash, which doesn’t inform them of the site/app you were visiting.

Be sure to upgrade your Truple apps to get this improvement. It’s currently available on Android, Windows, Mac, Linux, Kindle, with an updating coming soon (pending review) for Chromebook. Due to limitations imposed on Apple for iOS, we don’t currently support end-to-end encryption on iOS.

Never miss a blog post. Subscribe now!