Unlike other tech companies, Armadillo offers you the ability to truly own your data. By purchasing your own Armadillo Server, you control all the communications and infrastructure your Armadillo products use. This means your data is stored and routed through a server you control, not us. Not only does this give you greater control, but also transparency: you can be sure your data isn’t being stored insecurely and the server isn’t backdoored.
Decentralized networks are inherently harder to attack. Attackers are more enticed by a single target with lots of sensitive data, than many targets with fewer data. This is the same reason hackers often prefer to target servers (which store the data of many users) over single devices. Decentralization provides resiliency, attacks only affect a single server, instead of the entire network. Additionally, it allows you to compartmentalize access, with multiple decentralized servers your administrators only have access to a limited amount of users instead of everyone.
We design all our networks to be zero-trust. This means the server never has access to any sensitive user data like unencrypted messages or passwords. All connections to Armadillo Server use the strongest possible encryption: TLS 1.3 with high-strength ciphersuites. When using official Armadillo software, your TLS certificate is pinned directly in the app which prevents many kinds of interception attacks. TLS 1.3 provides encryption for your connection to the server, however all sensitive data is also encrypted using end-to-end encryption which protects your data from being read by the server. Passwords are stored encrypted using the well-tested Scrypt algorithm, which is designed to be extremely computationally difficult to crack.
Traditionally, each protocol uses its own unique “network port” to make a connection. For example, email uses a different network port than web traffic. Each connection also needs a “domain”, such as example.com which identifies where the traffic is going. The network port and domain information are both sent unencrypted, this type of information is called “metadata”. Metadata allows people doing mass surveillance to see what kind of data you’re sending to and where. So that they can either block it, intercept it or spy on your connection more closely. Attackers can also use metadata to identify individual users with timing analysis attacks.
Armadillo Server uses “TLS multiplexing” to make all connections to the same port, using the same domain. All traffic is encrypted identically using TLS 1.3, which makes it impossible to detect what protocol is being used. This allows you to eliminate metadata and makes timing analysis attacks more difficult. Multiplexing also allows you to bypass corporate or national firewalls designed to block communication, by appearing to be normal web traffic.
Armadillo Server splits each of its internal software components into separate “containers” that are heavily restricted and run independently. Containers limit the impact of an attack, because if an attacker compromises a container they only have access to that container’s data and not the whole server. In addition, it allows us to keep the server’s TLS encryption key in a container separate from the rest of the software. This way, even if all other containers are compromised, your server’s encryption key is still safe.
Although Armadillo Servers can communicate with one another by default, you can disable this if you’d like, along with a number of other configuration options.