Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

New, Privacy-Oriented, FOSS Web-mail: Mailpile

Soulskill posted about a year ago | from the piles-of-mail-are-hard-to-spy-on dept.

Communications 116

New submitter Juggler writes "Mailpile, a new Free Software project out of Iceland, launched at the #OHM2013 hacker festival in Holland today. The talk's brief demo garnered rounds of applause and was followed by the launch of an Indiegogo campaign which, if funded, will allow them work full time on building a modern e-mail/web-mail client. The team's main goals are to address the usability issues that prevent non-technical folks from taking advantage of secure e-mail today, bring new life to FOSS e-mail development and provide a realistic alternative to keeping e-mail in the cloud."

Sorry! There are no comments related to the filter you selected.

antiquated system (2, Interesting)

Anonymous Coward | about a year ago | (#44468139)

The real problem is that email is antiquated, are far more complicated than it needs to be. Instead of bolting a new face on it, make a better protocol.

Re:antiquated system (1)

Anonymous Coward | about a year ago | (#44468447)

> make a better protocol

what protocol or protocol changes do you propose?

Re:antiquated system (5, Funny)

Anonymous Coward | about a year ago | (#44469155)

what protocol or protocol changes do you propose?

In this day and age, isn't that obvious? We need to listen to what the majority of the computing public wants. It should be:

* Proprietary, closely controlled by a single large company
* All email must go through their servers.
* Have unavoidable advertising added to all emails.
* The protocol must be centralized rather than distributed
* The possibility to run your own servers should be removed.
* It should be limited to very short messages of no more than a few lines.
* It should only be available on locked-down devices

Most people have succeeded in getting some of those features by using gmail, but we're not all the way there yet, so there is still room for improvement.

+1 this ^ (0)

Anonymous Coward | about a year ago | (#44469291)

(since AC cannot upvote)

Re:antiquated system (1)

SuperTechnoNerd (964528) | about a year ago | (#44471333)

You forgot: All mail gets CC'd to the NSA

Re:antiquated system (0)

Anonymous Coward | about a year ago | (#44471391)

I was going to post "You forgot: All mail gets BCC'd to the NSA FTFY" ... but then I realized that you got it right the first time.

Re:antiquated system (1)

HybridJeff (717521) | about a year ago | (#44472103)

BBM with advertising added to it?

Re:antiquated system (0)

Anonymous Coward | about a year ago | (#44471673)

All ready done... is called BXXP ( BEEP before that ) and almost nobody know about it

Re:antiquated system (5, Interesting)

whois (27479) | about a year ago | (#44468551)

I've been considering a kickstarter for a new version of SMTP, while at least for the moment leaving IMAP alone. Specifically, the way headers are appended to mail in transit is unsupportable in a secure environment. The things I'm considering is that there doesn't have to be a flag day, you just need the vendors of several heavily used MTA's to support it as an option, then once 99% (or whatever number your company deems appropriate) of your email uses the new format you turn off the old.

This was poopoo'd in the past because there were 10s if not hundreds of thousands of email servers. Now people have pretty much stopped hosting most email and turned it over to google, yahoo, microsoft or one of the other major players. Therefore you're no longer faced with trying to get everyone to change things. You only need 5 major companies to change, and hopefully they're interested in the new protocol as well (nobody likes SMTP as it is, the question is can you get everyone to agree to some consensus of next generation email then move forward with it)

DJB's pull based email thing could be a part of this, maybe not the exact idea but something along those lines:

DJB's IM2000 (http://cr.yp.to/im2000.html). While I don't think all mail should be stored on the originating server, I think a mix could be used to provide more flexibility. Mailing lists could leave all the mail on the server, since a bunch of readers never read every message there isn't a point of exploding it out to thousands of mailboxes (except for reliability, and that could be gained by mail->nntp for public mailing lists)

Requiring domain keys could also be useful, since headers wouldn't be modified, just appended and signed.

If people are interested in crypto/privacy aspects, emails that aren't delivered but instead picked up by the recipients don't leak metadata like To, From.

It's probably best to approach this through the IETF, despite failures to make broad sweeping changes in the past, a new working group might be the best choice to get the interested parties involved.

Tangent here:

I also think that email clients need to be brought back and worked on. Thunderbird died because of two reasons: 1. Mozilla couldn't find a way to monitize it, and 2. Their biggest email competitor (gmail) and biggest contributor (google search) had already found a way to monetize email and thunderbird wasn't seeing significant updates at that point.

Other stuff I'd like to see in thunderbird:

Contact pictures on email (not something I think I would use, but nice for people used to facebook/twitter/etc). Integrated IM/Skype/Phone so you can effortlessly change the medium you're communicating through. Also the ability to send calendar events through IM or SMS would be nice.

Real synchronization. That includes plugins and every setting via a service like weave that is secure. This would also sync your passwords and gpg keys. Actually a generic weave-like framework that could be integrated with pidgin, thunderbird and other open source apps to sync across machines would be great. That would also fix major issues with pidgin's OTR.

So the reason I never kickstarted it is the same reason Mozilla doesn't work on thunderbird anymore. I have no idea how to monetize it in a way that would be long term sustainable. Users hate adds, they hate paying for software. Maybe an addon store, but that just means you're subbing the good development work to other people and then making the users pay to fix the things wrong with your app.

Re:antiquated system (2)

stenvar (2789879) | about a year ago | (#44468953)

Given that most large E-mail providers add massive amounts of privacy-invading info to E-mail headers (like the IP address where you wrote the message), I doubt the problem here is a limit on technology.

For monetizing, though, there's a simple solution: sell whatever you come up with embedded in a piece of hardware. A self-maintaining "E-mail plug" you just connect to your home network lets you charge for the software as part of the hardware. Other companies have been doing that, for example the Tonido Plug and the PogoPlug.

Re:antiquated system (4, Interesting)

AmiMoJo (196126) | about a year ago | (#44469203)

Mail clients died because webmail is more convenient for most people. I had been using mail clients since I first got online but then I went on holiday and decided to just use Gmail for three weeks. I realized it wasn't that bad and never bothered to go back to Thunderbird.

Re:antiquated system (0)

Anonymous Coward | about a year ago | (#44470743)

What could go wrong with government mail (Gmail) ? We know the government of the Soviet Union of America never wrongs.

Re:antiquated system (0)

Anonymous Coward | about a year ago | (#44472533)

Ironically, I found webmail to be such a useless pile of junk that I got a web hosting account just for the e-mail server access. What a luxury it is...

Re:antiquated system (2)

ancientt (569920) | about a year ago | (#44469471)

I have talked about the same goal several times, but any new system must be backwards compatible because there are around 14 million (SWAG) businesses that rely on free SMTP.

While you're chewing on that, Thunderbird is absolutely critical in that process. Most businesses don't want to think about email, calendaring, and shared address books but they get that with Exchange and Outlook. I've been interested in moving our company off of Exchange for some time but we're addicted to Outlook and need a simple to use replacement with the same features if we're going to stop using it. It's almost a chicken and egg problem, but just recently I have been getting close to a viable replacement on the client side with Thunderbird. As a bonus, it does digital signatures and encryption compatible with Outlook. The downside is the complexity of setup. Sure, I can set it up, but not the average user. I keep trying to find ways to make it easy though because if we can get off Outlook without much pain, we can get off Exchange later as well.

I don't know the solution yet, but I imagine Mailpile (or roundcube or similar) is part of it. Another piece is going to have to be a ranking system. For the next ten to twenty years, people are going to require the ability to receive messages sent with unauthenticated SMTP, but if you build security ranking into email, you can begin to phase that out by having messages with a trust ranking system. Give +10% for digitally signed messages, +10% for encryption, +20% for a verified sender system, +20% for reputation, +20% for willingness to buy into a pay-per-message system and assign the remaining 20% on factors like how the local email client and associates have handled mail from that sender in the past. You can even make the percentages variable if you have sensible defaults because most people will never change the defaults.

Sidenote, on the pay-per-message system, you pay 2 cents (or equivilant) per message sent outside your company and receive the same per message received on the same system. One of the historical problems that seemed insurmountable was the problem with the cost of microtransactions being too high. It costs around 30 cents to do an electronic transaction, so anything smaller costs more than it yields, but that's not the case anymore with something like bitcoin and you could do a twice daily cash-out with Coinbase to avoid the pain of volatility. For me that's been the single most important and too often overlooked appeal of crypto-currency. It allows for mico-transactions to be a commercially viable option. You could do it with fractional payments through a traditional bank as well, but none want to handle it when there is still income to be had by having eveyone use a system that pays them more.

I don't really care if it is Thunderbird, Coinbase, Bitcoin and Mailpile, they're just examples of types that I'm using due to my own familiarity. Feel free to substitue alternatives for any of them if it makes more sense for implementation or discussion.

Re:antiquated system (1)

icebraining (1313345) | about a year ago | (#44470653)

The problem with Bitcoin (and blockchain based currencies) is that they don't really deal well with microtransactions. Since each transaction has to be sent and confirmed by a bunch of nodes, they impose a lot of strain on the miners. Eventually we should see rising transaction fees, which will probably kill such systems.

Re:antiquated system (4, Insightful)

drinkypoo (153816) | about a year ago | (#44469677)

No need to replace SMTP. Just add "more" stuff on to it. Not necessarily on top of other extensions, feel free to supersede them. But you need to support SMTP for the foreseeable future, and it's kind of nifty to have such a dirt-simple interface to mail for those cases in which it is useful, such as inside your organization for alerts and whatnot. I don't automate anything based on email these days, but it's still not useless.

Re:antiquated system (1)

nine-times (778537) | about a year ago | (#44470739)

I think there's a big problem here that isn't really about protocols or technical matters. Taking a step back from specific proposals for replacing protocols, part of the problem is that we can't agree on a vision for email in the future. Some people want really complicated formatting and media embedding, while others want to return to a text-only world with attachments. Most of us want to do away with spam, but lots of big companies still want to be able to market to us through email. Some people want end-to-end encryption as a security feature, while others view it as a security threat, and still others believe it's an unnecessary inconvenience. Some people want email to provide some kind of authentication that it's coming from the person it purports to be coming from, while others are more interested in making sure email can remain anonymous.

I think if you really want to overhaul email, you first need to get some big players to come to a consensus on what the desired endpoint of development looks like. People keep running off to try to develop replacement protocols and UIs without really even thinking through the goal first.

Aside from identity verification, spam filtering, and end-to-end encryption, there are some pretty obvious issues that I think people regularly miss:

  • Labels, tags, and metadata: Many different groups have developed methods for tagging emails, but these tags don't really transfer. Gmail has labels. Microsoft Exchange has categories. Thunderbird has tags. Apple Mail has different colored flags. These methods aren't meaningfully compatible, so Gmail labels get turned into folders by mail clients. Microsoft categories don't show up in clients. Mail color flags and Thunderbird labels are held in the client itself, I believe, so they'll be lost outside of the local cache you have on your client. And on top of it all, there's no real way to send an email with tags that your recipient will receive if you were inclined to do that.
  • Long term storage/tracking/archiving/searching: The amounts of email that we send and receive has become overwhelming, and people are regularly trying to send big attachments. There are a lot of different commercial products and services to help with this issue, but there's not really a great standard solution for managing the situation. Some of them even run contrary to each other-- e.g. products like "YouSendIt" or "Dropbox" may help solve the issue of sending large attachments, but by not including the attachment in the email itself, mail archives may end up with a dead link in place of the original content. It would be nice to have a comprehensive solution to all this. I see too many people these days with 50GB mailboxes and no great way of managing all that storage. I'd like to see some best practices and open standards being supported cross-platform.
  • Competing communication methods and accounts: We have tons of different competing methods of communication, and it's not clear why we need them all. I myself have several email accounts, SMS accounts, IM accounts, weblogs, forum memberships, phone numbers, voicemail accounts, social networking accounts, etc. Some of the redundancy is intentional on my part, but a lot of it is because I've been forced to create these accounts to talk to different people. I need a gmail account to participate in hangouts. I need a AOL account to talk to people on AIM. I have some accounts just to remain anonymous, to give to possible spammers and such, and other similar reasons. I believe we should try to look at these different communication methods comprehensively, and figure out what we're trying to do with each one, how they should be implemented, and how they should be stored. For example, I'm not sure we need SMS, email, and IM as three different protocols of communication. Maybe we just need different interfaces depending on the situation in which we're using them, but they can all pass through the same communication gateways using a consistent protocol.
  • Limits of plain-text, including threading and quote levels: This one is pretty vague, but I believe it's worth considering that email is somewhat limited by being formulated to be simple plan-text. Admittedly the simplicity makes for something pretty powerful and versatile, but it's not without problems. I mentioned above that many platforms have tried to add some level of tagging, but that kind of metadata isn't available in a standard way. In addition, there are times that we want email to be machine readable, but email doesn't make such things easy. For example, email replies generally include the original email, generally indented with a special character, and including some kind of header. There are conventions, but not really a formal standard, as far as I know. There aren't hidden tags to make the separation explicit. This is just an example, to point out that it's hard to refine the metadata of email content, since the email content is delivered in either plain text, rich text, or HTML-- none of which are formulated specifically for email content. I suspect it may be worthwhile to come up with a new XML variation specifically for email, though sharing some overlap with HTML.
  • Display/formatting standards: When people do want to send an email with specific formatting, there's unfortunately no way of telling how the email will display on the recipient's side. Now I don't mind the idea that a user might choose to view things in a different format-- if you want to read your email in a plaintext reader, more power to you. I'm referring more to the fact that different clients will simply read the email in different ways. You might attach a file, embedded at a particular place in the text, and then the recipient might just see it as an attachment at the bottom of the message. If I want to include in image in the HTML formatting, I can pass it as an attachment, which may not be displayed properly. If I put in a url to the image, it will probably be blocked by many clients because there's a risk it's being used to track the message. Unfortunately there's no real "right way" to handle these issues.

Sorry for rambling on a bit, but I really just wanted to give some examples of how email has some fundamental limitations that harm the user experience. Part of the reason these problems aren't getting solved is that businesses are more interested in locking users in, and less interested in providing a standardized solution. But a big part of the problem is also that these issues aren't recognized by the techies who are capable of solving them. Techies get wrapped up in technological issues. They want to have end-to-end encryption, but they don't make the process of end-to-end encryption so simple that my grandmother would use it by default. Techies get wrapped up in improving the efficiency of the SMTP protocol, but they don't seem to consider that Thunderbird tags get lost when you move to a different mail client.

Re:antiquated system (1)

teknopurge (199509) | about a year ago | (#44470871)

we've actually had a lot of new mail-only hosting customers for over the past 2 years. The consolidation of email to the freemail providers is overrated.

Re:antiquated system (1)

http (589131) | about a year ago | (#44471343)

Those five corporations have demonstrable incentives to not make email secure.

Re:antiquated system (1)

msobkow (48369) | about a year ago | (#44471457)

You seriously underestimate the number of small and medium sized businesses who run their own email servers.

Re:antiquated system (1)

The Cat (19816) | about a year ago | (#44471541)

There you go. Let's tie e-mail to Facebook.

Users hate paying for SHITTY software. Write software that isn't SHITTY and you'll have no problem monetizing it.

Free clue: tying e-mail to Facebook = shitty. Have a nice day.

Leave e-mail alone.

Re:antiquated system (1)

tibman (623933) | about a year ago | (#44468563)

If you make something else, that's great. But it won't be email. The adoption rate will be very low.

Re:antiquated system (1)

Anonymous Coward | about a year ago | (#44468607)

Email was around long before SMTP and will be around long after SMTP and all of it's anachronisms are dead and buried.

"whois" makes a good point above -- most of the world's mailboxes are controlled by Google, Microsoft, and Yahoo. (Plus IBM/Lotus and a few other providers) If only three key people start talking, the entire email infrastructure could be replaced within a few years.

Re:antiquated system (2)

TheSeatOfMyPants (2645007) | about a year ago | (#44468637)

That email has been around for a long time doesn't automatically mean it's "antiquated" or in need of a rewrite. It fulfills the most important goals:
-- send & receive messages over a secure connection
-- use any client we want, whether local, networked, web, in a remote shell...
-- read & send when it's convenient (non-live)
-- email back-and-forth right away (eg. if chat services aren't allowed)
-- style the letter as a document via WYSIWYG editor or hand-coded HTML
-- or send plain text, no formatting/HTML
-- embed all forms of media
-- request to be notified when our recipient reads the message
-- refuse to let our client notify someone that asked when we open it ;)
-- download the messages as an archive, leave them on a server, or both
-- interact with anybody regardless of what companies host the accounts
-- host our own servers & personal domain

Let's be honest here... If our generation(s) of developers tried to create an equivalent "electronic mail" type of service, we wouldn't get a standardized protocol for all servers to follow -- we'd end up with a ton of little competing services that would dictate how we access/send the messages, which competing mail services they're compatible with, and basically everything else, just like the norm in the blogging & social networking arenas. (Or incompatible pre-Internet networks like CompuServe & AOL, except those didn't sell our private data or plaster ads on the screen, and doubtless today's tech would.)

Re: antiquated system (1)

rjstanford (69735) | about a year ago | (#44469023)

That happened in the past, too, and then we got sendmail - the middleman between all of them. Writing sendmail.cf by hand was a rite of passage! Over time SMTP appeared as the winner, which enabled far simpler tools to emerge on the server side and more powerful clients to send mail directly.

Re:antiquated system (1)

Immerman (2627577) | about a year ago | (#44469889)

>-- send & receive messages over a secure connection

What definition of secure are you using? Current protocols make no guarantee that mail will be delivered at all, and transmit everything as clear text which makes interception and/or manipulation trivial for anyone so inclined. You may be using an encrypted link between your terminal and server, but from that point on everything is plain text, so it's really only your password which is secure (a big step up from when that was plain text as well, but still far from secure).

If PGP or some alternative gained widespread support it *could* be secure, but that has nothing to do with email as it exists today.

Re:antiquated system (1)

AdamWill (604569) | about a year ago | (#44470545)

TLS.

Re:antiquated system (1)

icebraining (1313345) | about a year ago | (#44470671)

TLS is fine until you reach the MTA. Then you have no guarantee that the message won't be passed as plain text. And even if TLS is used on each hop (unlikely), you still don't have a real end-to-end secure connection, just a chain of many connections, with middle men who can see all the emails.

Re:antiquated system (1)

Joce640k (829181) | about a year ago | (#44468655)

The real problem is that email is antiquated, are far more complicated than it needs to be. Instead of bolting a new face on it, make a better protocol.

People who find it intolerable for those reasons that are already using whatsapp, etc

Re:antiquated system (1)

thetoadwarrior (1268702) | about a year ago | (#44469057)

All the old protocols like email and newsgroups are completely open and flexible allowing anyone to build the client they want. No one invests in that anymore. Everyone wants to lock you in. That's why we have a billion ways to message people rather than everyone using a single protocol like jabber.

So good luck on getting a new something new that helps the consumer in anyway.

Re:antiquated system (0)

Anonymous Coward | about a year ago | (#44469181)

> Everyone wants to lock you in.

Because that's what people want: to be locked in.

Beats me why. But it's what they want. You get the internet you deserve.

Re:antiquated system (1)

Anonymous Coward | about a year ago | (#44469323)

The real problem is that email is antiquated, are far more complicated than it needs to be. I

Yes, it would be much better if it was like all the recently developed IM protocols:

"See you on kik?"
"No, can't, sorry I use yahoo."
"I can't either... I'm on skype."
etc

Email is one thing: standard. Everyone on every type of device can use it. And what in the hell do you mean by "far more complicated than it needs to be?" I agree the protocol could be improved, but complicated? You enter the recipient's email address, or more likely just click it from your address book, type your message, and push "send". How much easier can it get? The big improvements need to come in areas like mail clients using encryption by default, and so on. But the basic thing is trivial to use, unless maybe I'm missing some new depths of "dumbed-downness" that's happened recently to make typing a message and pushing send "too hard" for most people now?

Re:antiquated system (1)

znrt (2424692) | about a year ago | (#44469567)

And what in the hell do you mean by "far more complicated than it needs to be?" I agree the protocol could be improved, but complicated? You enter the recipient's email address, or more likely just click it from your address book, type your message, and push "send". How much easier can it get?

i guess he means complexity of setup: to use an email client you have to point it to a mail server. for a vast majority of users this simple concept is one too much if they can simply log into gmail and not have to worry about shit.

Re:antiquated system (0)

Anonymous Coward | about a year ago | (#44470767)

I assume most citizens of the Soviet Union thought it as equally comfy as gmail. If you were a faithful member of the working class, would you really have to fear Felix Tshershinsky's offspring ? Besides, Felix killed only those few millions who were too dumb to have the same insights as that marvellous man Lenin !

Re:antiquated system (1)

vlueboy (1799360) | about a year ago | (#44472291)

It gets worse. I'm starting to see people who started out using webclients like yahoo, but are increasingly failing to grasp the www itself. When their cheap smartphone breaks Facebook (which has PM-esque emails)*, they have no idea how to pick up their ball on the webbrowser, and that they can just enter their credentials there. The level of lock-in is ridiculous, because people cannot tell the difference between the App and the web version of anything, other than "ooh, I like it on my phone better..." Similar gripe about people who take out their 3MP phone camera to futilely grab monitor stills because they just can't handle using email attachments.

Re:antiquated system (1)

nurb432 (527695) | about a year ago | (#44469717)

Not in the least. Just because you don't have an attention span long enough to read past a 4 word tweet doesn't mean the rest of us doesn't.

Sure, email isn't appropriate for everything ( never was, that's why god made telephones and meetings ) but its still appropriate for many things, especially in the business world.

Re:antiquated system (1)

AdamWill (604569) | about a year ago | (#44470519)

Email is precisely as complicated as it needs to be.

Self Host with Roundcube (3, Informative)

nullchar (446050) | about a year ago | (#44468169)

Or you could run Roundcube [roundcube.net] on a host you trust. Setup Postfix to use TLS to send/receive mail from your trusted friends who also run their own email systems.

Re:Self Host with Roundcube (0)

Anonymous Coward | about a year ago | (#44468205)

"Planned features..Support for PGP and S/MIME encryption"

Sounds like Roundcube doesn't quite fit the requirements to compete here.

Re:Self Host with Roundcube (0)

Anonymous Coward | about a year ago | (#44468571)

Roundcube is pretty shitty compared to most commercial webmail platforms. Better options are needed in this space.

Re:Self Host with Roundcube (1, Flamebait)

thatkid_2002 (1529917) | about a year ago | (#44468701)

Roundcube is PHP based - and comes with all the joy PHP provides... Please turn your sarcasm detector on to enjoy the full effect of this posting.

Re:Self Host with Roundcube (0)

drinkypoo (153816) | about a year ago | (#44469671)

PHP is not the problem with rcmail or squirrelmail or any of the other freely available web-based email systems, most of which run on PHP or even better, ASP or ASP.NET. They are their own problems. None of them are half as usable as gmail. Some of them are almost half as usable as a typically bad desktop email client. But PHP is not even a slight impediment, because you don't need anything out of PEAR or what have you in order to run any of these. You just need typical modules dealing with mail, e.g. imap.

TLS? (0)

Anonymous Coward | about a year ago | (#44469049)

Trouble with the certificate system is the NSA has access to the US Cert authorities and can man-in-the-middle encrypted traffic. The G20 meeting leaks suggested they'd done this for a lot of intercepts on world leaders.

I'd prefer the end to end first-key-exchange that SSH uses when you connect to a server.
1. Public keys are attached to all outgoing messages
2. When you receive an email with a key you can choose to accept the key as valid
3. Email to that recipient is now always encrypted with that key
4. They can send you their public key via a different route (e.g. USB key) and you can enter the key that way to ensure it has not been tampered with
5. If you receive an email with a different key, the client warns you of the potential intercept. You can confirm/reject the change of key by other routes (e.g. ring them up and ask them)
6. You can lock keys in place as trusted to reject all further fake keys if you are sure the key is correct.
7. The mailto HTML tag is extended to include the public key, so banks, governments etc can post their email addresses on https sites, not ideal since https can be MITM'd if the NSA/GCHQ has packet intercept ability on the route, but that would be at least as secure as a TLS connection.
8. Windows machines may not be trustable at this point, see the PRISM and SKYPE documents, and Microsofts liaison department helping the NSA solve any encryption problems they have attacking Windows PCs. So this email client should work on all Open Source OS's and should take steps to protect the keystore.

Re:Self Host with Roundcube (1)

AmiMoJo (196126) | about a year ago | (#44469185)

Are there any remote hosts you can really trust? Sounds like the NSA/GCHQ have their claws into pretty much everything and are good at leaning on companies to silently comply with their demands.

Hushmail's fate? (0)

Anonymous Coward | about a year ago | (#44468213)

I wonder how long this project will run until it suffers the same fate that Hushmail did...

Re:Hushmail's fate? (1)

AHuxley (892839) | about a year ago | (#44468853)

Agent: We're from the US government and we're here to help ourselves to your users data.
Admin: Their servers dead, that's what's wrong with it?
Agent: So it is. 'Ere's some money and a couple of holiday vouchers.
Admin: ... Do you want to ftp back to my sever?
Agent: I thought you'd never ask.

More powe to them, but... (4, Interesting)

Kazoo the Clown (644526) | about a year ago | (#44468221)

There are a couple of tough problems to solve. One, defeating traffic analysis. Encryption is just a first step. Encrypting everything, no matter how trivial, will be important, and certainly helps, but it's not enough to keep listeners from knowing who is talking to who.

Second, bringing the public at large into the fold. Noone will use an email system that can't be used to send email to all their friends and family, most of which aren't going to be switching anytime soon. One thing that might help is a system that automatically knows when the recipient is encryption-capable, encrypts when it is, but when it's not, inserts a warning message that their email is not secure and may be stored by third parties and governments-- essentially an advertisement for switching to a more secure email system. This would help us all educate our friends and keep them reminded every time they get an email from us as to the issues. It could help convince them that it's worth switching.

Re:More powe to them, but... (0)

Anonymous Coward | about a year ago | (#44468343)

The first has a now-standardized solution in the shape of TOR.

As for the second, it doesn't work like that. You can't insert scary-looking messages like that in emails and thinking it has an effect. It'd look tryhard and everyone non-technical would think it's an error message. You need something like a standardized, benign symbol that works across mail clients, like the lock symbol for SSL in web browsers. You also need to have a nice, credible public face ("We're a good, social organization that helps society and not a bearded cabal of hackers") authoritatively explaining to people what the little symbol means. But I agree with using opportunistic encryption everywhere.

Re:More powe to them, but... (1)

Laxori666 (748529) | about a year ago | (#44468535)

The first has a now-standardized solution in the shape of TOR.

That's assuming the feds aren't running a sufficiently large amount of TOR nodes such that the chances they will have enough nodes on a route to compromise anonymity are fairly high.

Re:More powe to them, but... (0)

Anonymous Coward | about a year ago | (#44469371)

They would have shut down the well-known child pornography and drug trafficking onion sites posthaste if that was the case.

Re:More powe to them, but... (0)

Anonymous Coward | about a year ago | (#44468459)

I would support and help fund this if it expands upon POP/SMTP protocol, not if it's a proprietary browser.

Re:More powe to them, but... (2)

cultiv8 (1660093) | about a year ago | (#44468525)

Um, I'll bite, it's on Github [github.com] and licensed under AGPL.

Re:More powe to them, but... (0)

Anonymous Coward | about a year ago | (#44468773)

One thing that might help is a system that automatically knows when the recipient is encryption-capable, encrypts when it is

Enigmail [enigmail.net] with Thunderbird does this, if you have the recipient's public key associated with their email address, although it doesn't insert a warning for those who don't encrypt.

Enigmail is great, but try and convince friends or family to use it is like pulling teeth. Once installed and set up, it's a cinch to use. Why people are so resistant to encrypting their email, especially since the NSA leaks, is beyond me.

Re:More powe to them, but... (1)

rmstar (114746) | about a year ago | (#44469367)

Enigmail is great, but try and convince friends or family to use it is like pulling teeth.

Well, enigmail isn't that great. It hung when my wife tried to generate her key. Also, when I send her my public key, it didn't recognize it (I sent it as a .asc). It also adds some bogus "begin encrypted mail" headings around the encrypted text.

And It actually was a hassle to get working.

Re:More powe to them, but... (1)

loufoque (1400831) | about a year ago | (#44468965)

It has never been claimed that encryption is an anonymization solution.

Re:More powe to them, but... (0)

Anonymous Coward | about a year ago | (#44469159)

> There are a couple of tough problems to solve. One, defeating traffic analysis. Encryption is just a first step.

Concur! Add remailer functionality directly into local mail clients of normal users. Automate most of it.
To combat Spam, let users decide who of their friends can remail through them.

Re:More powe to them, but... (0)

Anonymous Coward | about a year ago | (#44469173)

There are a couple of tough problems to solve. One, defeating traffic analysis. Encryption is just a first step. Encrypting everything, no matter how trivial, will be important, and certainly helps, but it's not enough to keep listeners from knowing who is talking to who.

Second, bringing the public at large into the fold. Noone will use an email system that can't be used to send email to all their friends and family, most of which aren't going to be switching anytime soon. One thing that might help is a system that automatically knows when the recipient is encryption-capable, encrypts when it is, but when it's not, inserts a warning message that their email is not secure and may be stored by third parties and governments-- essentially an advertisement for switching to a more secure email system. This would help us all educate our friends and keep them reminded every time they get an email from us as to the issues. It could help convince them that it's worth switching.

Third, somehow ensuring that the company and/or datacenters hosting this service don't have NSA backdoors installed, rendering any encryption and privacy efforts entirely moot.

Re:More powe to them, but... (0)

Anonymous Coward | about a year ago | (#44471031)

(different AC here) - the point is that only the endpoints should have the keys, not some "service" in the middle. If anyone has your private key but you, then it is insecure by definition.

Re:More powe to them, but... (2)

AmiMoJo (196126) | about a year ago | (#44469191)

Just attach your public key to every outgoing email, and then clients that support it can automatically collect and start using it.

Re:More powe to them, but... (1)

icebraining (1313345) | about a year ago | (#44470689)

And how does that client know the key hasn't been replaced by someone else's? Yes, the message can be signed. But if you don't have the key, you can't verify the signature either, so that can be faked too.

Re:More powe to them, but... (1)

AmiMoJo (196126) | about a year ago | (#44470807)

In that case the sender's email account is compromised. That isn't the problem encryption is designed to solve.

Re:More powe to them, but... (1)

chihowa (366380) | about a year ago | (#44471781)

Or the email was tampered with in transit. The old key was stripped and a new key was added.

Of course every subsequent encrypted message will have to go through the man in the middle to avoid detection, but that's not too hard if they can tamper with the email in transit in the first place.

This part right here is really the hardest part of proper encryption. Secure key exchange is hard. Secure in-channel key exchange between clueless users is nearly impossible.

Re:More powe to them, but... (0)

Anonymous Coward | about a year ago | (#44471045)

That's true, someone could MITM it. But that's detectable, if you want to, and anyway it raises the bar HUGELY for intelligence services bent on mass scale surveillance. It's not very easy to MITM everyone in the world, and if they did, it would quickly be detected and people who cared about privacy could exchange keys by another more secure route.

So you're right, it isn't perfect, but it's way, way, way better than the situation today. It's a step in the right direction.

Re:More powe to them, but... (1)

ChadL (880878) | about a year ago | (#44470803)

Rather then attaching the public key, a system such as GPG's pka that publishes keys for e-mail addresses in DNS via DNSSEC signed records is likely a safer alternative against modified keys. It also allows the first e-mail between two people to be encrypted (as the key can be found via a DNS request).
PKA works now, but the clients have to be told to use pka manually, so its of limited value in its current state until adoption gets a little wider. Sadly leaves GMail and friends out in the cold (unless they offer a key publishing service to their DNS), but works well for privately controlled domains (since commercial webmail can't really be secure anyway, its as good as I think we are likely to get).

Bitmessage (1)

Anonymous Coward | about a year ago | (#44468267)

Anyone following such developments should look into bitmessage [bitmessage.org] . An encrypted p2p messaging system that takes the complications out of using tools such as GPG.

Re:Bitmessage (0)

Anonymous Coward | about a year ago | (#44469775)

It's a great idea but the implementation is somewhat lacking. There appear to be systemic problems with scalability.

That said, I certainly wish the devs good luck with the project!

Some nice ideas, but... (1)

MrEricSir (398214) | about a year ago | (#44468351)

How many users would really able to use this? Running your own server seems kind of extreme for the average user, and setting up maildir seems like a non-starter.

Re:Some nice ideas, but... (0)

Anonymous Coward | about a year ago | (#44468717)

Running your own server seems kind of extreme for the average user

Running your own server is what everybody used to do before Google gave people the offer of free unlimited storage that they couldn't refuse.

But now storage has become almost free anyway, so Google has lost that enticing advantage. And it's new motto of "Be Evil" has cemented its fate.

Re:Some nice ideas, but... (1)

Noughmad (1044096) | about a year ago | (#44468785)

Running your own server seems kind of extreme for the average user

Running your own server is what everybody used to do before Google gave people the offer of free unlimited storage that they couldn't refuse.

I don't know about everybody, but most of the people I know (including me) started with the ISP-provided email, then moved to Hotmail or Yahoo and finally to GMail.

Mailpile... (0)

Anonymous Coward | about a year ago | (#44468363)

I don't want my mail in a big pile.

Re:Mailpile... (1)

lxs (131946) | about a year ago | (#44468473)

What if I mail you some kittens? Wouldn't you want big pile of cute little kittens?

Re:Mailpile... (1)

Required Snark (1702878) | about a year ago | (#44468681)

That already happens on the Internet. That's why it filled with cats. Email is no different. Cats cats cats!!!

Re:Mailpile... (0)

Anonymous Coward | about a year ago | (#44469255)

Alexander, General Of The Kitten Interceptors and Cataloguers !

Not sure who the market is here? (4, Interesting)

beaverdownunder (1822050) | about a year ago | (#44468741)

Given that the average e-mail user has already accepted that their communications aren't secure, I have a problem visualising how said average user can be convinced that a 'replacement' for traditional e-mail is any more secure than the existing offering, or if said security even matters.

First, there's absolutely no way you can build trust. What are you going to do? Tell them it's secure because of X, Y or Z? The point here is that your average e-mail user doesn't understand encryption, PGP keys or any of that. It just translates as blah, blah, blah; give us your e-mail so we can snoop through it just the same as the other guys do. Oh? You can read the source code and confirm that it's all legit? The average user can't read source code! These claims are all worthless.

Second, if there's already an acceptance that having your e-mail open for analysis somehow prevents your child from being blown-up at a bus stop, you're not going to be very fond of encouraging the adoption of a product that could aid terrorism, let alone use it yourself.

So, if you can't build trust, and your potential user base can be put off your product by the spectre of terrorism, then what's your business model? If the user can't be convinced they'll have any more privacy without the expense of a potential surge in terrorism, there isn't one. You can only preach to a choir that would already be using PGP, etc. if they cared enough to do so.

But you can't even get widespread adoption in the geeks! Most of us use cloud e-mail services, Facebook, etc. and just don't care enough, let alone would ever truly trust your product, regardless of how transparent you attempt to make it.

tl;dr: there are better uses for the developers' time here than building a baseball field nobody will ever play on.

Re:Not sure who the market is here? (4, Interesting)

bonniot (633930) | about a year ago | (#44468917)

You can read the source code and confirm that it's all legit? The average user can't read source code! These claims are all worthless.

An answer to that is that even though only 0.1% of users can read source code, ...

  • - 5% know somebody who can read code;
  • - 30% know somebody who knows somebody who can read code;
  • - ...
  • - 100% know a newspaper who would publish the story if a single expert read the source code and discovered there is snooping hidden in it (by then a host of other experts can simply confirm this fact)

Given this, it's quite likely that if an open source tool contains malicious code, and it is widely used, this will be revealed eventually. Of course there is no 100% guarantee. But this claim is far from worthless. You can have much higher confidence that an open-source tool does not have hidden snooping compared to closed-source, and this even if you can't or won't read the source code yourself.

Re:Not sure who the market is here? (0)

Anonymous Coward | about a year ago | (#44469243)

If the establishment weren't shit-scared of the Money International (and their desire to put the 99% under surveillance), then we could have universities doing doctoral theses like "formal proof of correctness of GNUpg" and the like.

The major problem at this point is not crypto itself, but correctness of all sorts of implementations. USG and probably the Russkies are now stockpiling massive amounts of exploits for (ideally) any popular software. I would not be surprised to learn they have 75 ways of exfiltrating your GNUpg key by means of malware embedded into a PGP cryptogram.

Allegedly they already have thousands of exploits for most of the popular software systems/packages. It is very much like nuclear war and that is why they are themselves shit-scared of the Russkies "cybering out" their own infrastructure in a matter of minutes. When computers are dead, modern militaries can't respond to being nuked out completey.

That kind of thing is now part of US STRATCOM.

Where in hell are you getting these numbers? (1)

westlake (615356) | about a year ago | (#44469601)

An answer to that is that even though only 0.1% of users can read source code...

- 5% know somebody who can read code;
- 30% know somebody who knows somebody who can read code;
- 100% know a newspaper who would publish the story if a single expert read the source code and discovered there is snooping hidden in it.

The geek's made-up stats do not inspire confidence.

They are worth the cheap instant mod up to +4 or +5, "Insightful" here.

Re:Where in hell are you getting these numbers? (1)

cervesaebraciator (2352888) | about a year ago | (#44471353)

The geek's made-up stats do not inspire confidence.

Very well. How about this [wikipedia.org] : 100% know somebody who knows somebody who knows somebody who knows somebody who knows somebody who knows somebody who can read code.

Incidentally, I wonder how many degrees of separation in the meta-data it takes for the NSA to consider someone suspicious.

Re:Where in hell are you getting these numbers? (0)

Anonymous Coward | about a year ago | (#44471523)

There was a news story on that a couple of weeks ago, I think it was two or three.

Re:Not sure who the market is here? (1)

Dr. Evil (3501) | about a year ago | (#44469881)

- 5% know somebody who can read code; - 30% know somebody who knows somebody who can read code; - ... - 100% know a newspaper who would publish the story if a single expert read the source code and discovered there is snooping hidden in it (by then a host of other experts can simply confirm this fact)

Knowing how to "code" isn't enough, you need to study the codebase. A tiny fraction of those who know how to code have studied the mailpile codebase enough to catch a backdoor. I would say, practially speaking... 0 outside the core developers.

Backdoors or snooping are best hidden with plausible deniability. Even if you discover one, it won't be obvious that it was intentional, it will be no more newsworthy than a typical vulnerability report.

Re:Not sure who the market is here? (1)

bonniot (633930) | about a year ago | (#44470405)

Knowing how to "code" isn't enough, you need to study the codebase. A tiny fraction of those who know how to code have studied the mailpile codebase enough to catch a backdoor. I would say, practially speaking... 0 outside the core developers.

Right now, you're probably right. As far as I can see it's not much used yet. But as usage grows, so would the number of contributors looking at the code, to add a new feature of fix a bug, each time increasing the chance malicious code or vulnerability would be found.

Backdoors or snooping are best hidden with plausible deniability. Even if you discover one, it won't be obvious that it was intentional, it will be no more newsworthy than a typical vulnerability report.

Right. Open source does not magically guarantee the absence of vulnerabilities (accidental or intentional). But it makes them easier to detect by the community, and harder to hide malicious code. Take the snooping revealed to be happening in Skype. Would it be that easy to do with open-source clients and servers?

Re:Not sure who the market is here? (4, Insightful)

mongrol (200050) | about a year ago | (#44469003)

I disagree that the normal user has accepted their email is not secure. I'm fairly certain that most normal user's have no idea that email is insecure.

Re:Not sure who the market is here? (0)

Anonymous Coward | about a year ago | (#44469215)

Either you are a government/surveillance industry operative, or you are fucking naive. You are essentially building up the dichotomoy of "all your communications in plain text OR TERRORISM".

The truth is that USG itself has created and still creates "Terrorism": First they created it in Afpakistand (with Pakistan and the Saudi filth) against the soviets. Now they still create it by allowing lots of wealthy Saudi radicals to fund Sunni Terrorism worldwide. Instead of smoking out the Saudi menace, they hit Saddam, because he was a nuisance for Israel.

And you want to tell me I cannot have privacy because USGov (and their sycophants) are Creators Of Terror ? FUCK YOU ! Fix your muslim "allies" and simply stop Muslim travel into the west. Thank you very much, Mr U. Sam !

Re:Not sure who the market is here? (0)

Anonymous Coward | about a year ago | (#44469223)

Actually, breeding "Terrorism" is in the best interest of the US surveillance industry, as they would otherwise have been downsized to sane levels. That would kill at least one million jobs, so expect lots of cloak and dagger shit to happen. Their nice livelighoods are at stake. Plus the system to snoop on the 99%.

Re:Not sure who the market is here? (1)

greggman (102198) | about a year ago | (#44469533)

Agreed, and so what if your email is encrypted? The moment you send it someone else you have no guarantee they are keeping it encrypted on their end.

I can imagine there's some minor piece of mind to have my email encrypted which would make it slightly harder for people to grab my database of email and read it. At the same time I don't want client side email. I want server side email so I can search and access it from any of my devices. And, I want it to have all the features of gmail including speed of access, amazing spam detection, and every other little feature they support.

I suspect spam detection is a hard problem too. Google benefits from crowdsourcing there. With un-encrypted email they can see a million people getting the same message and once a few percent mark it as spam they can guess it's spam for everyone. Not sure who to solve that problem if all the email is encrypted.

Re:Not sure who the market is here? (1)

The Cat (19816) | about a year ago | (#44471555)

If you use "cloud" e-mail and Facebook you ain't no geek, son.

wait what (0)

Anonymous Coward | about a year ago | (#44468829)

This is just another email client, is it not? From the original description it seems that they aspire to give everybody an email server - I am totally confused.

Somebody, please explain how this is better than Thunderbird with PGP!

Mail Pile - why not merge with Jitsi ? (-1)

Anonymous Coward | about a year ago | (#44469153)

Why not have this merged with Jitsi, have a bigger team, both focused and working together on the same thing?

Jitsi - Open Source Video Calls and Chat
Secure video calls, conferencing, chat, desktop sharing, file transfer, support for your favorite OS, and IM network. All this, and more, in Jitsi - the most complete and advanced open source communicator.

Why do we still store email in plain text? (0)

Anonymous Coward | about a year ago | (#44469295)

I'm still amazed that with all the focus on transport encryption nobody has focused on storage encryption. Why can't i give a public key to a email provider, and after receiving a email via TLS or alike they encrypt the email for me before storing. PGP is all well and good but the majority of my email that i wish to protect isn't from people who would USE PGP to encrypt it in the first place (think service providers etc). If someone wants to send me something that warranted encryption they certainly wouldn't use email.

Re:Why do we still store email in plain text? (0)

Anonymous Coward | about a year ago | (#44469357)

File or block level encryption is the right place to do that. It shouldn't be built into the mail protocol, or it won't work for other things stored on that same disk you might also care about. Mail encryption should solve the problem of snooping in the middle. If it encrypts the mail on disk too that's fine, but the right way to protect local storage is with file or block encryption.

Even the screenshots are buggy (0)

Anonymous Coward | about a year ago | (#44469317)

Why do their screenshots show "1-5 of 2546", but then actually show 6 messages, not 5?...

Who hosts? (1)

nurb432 (527695) | about a year ago | (#44469825)

That is still a security problem. You want end-to-end encryption on the client, and not store it somewhere else, even encrypted.

Re:Who hosts? (2)

AdamWill (604569) | about a year ago | (#44470573)

"Self Hosted

Mailpile is a modern web-mail you run on your own computer.

You can host your install of mailpile on your laptop, desktop, Raspberry PI or a server in the cloud. Or put it on a USB stick and carry it in your pocket. It's your choice."

From the front page of their site.

I note that antispam is "under development" (2)

astralagos (740055) | about a year ago | (#44470179)

I'll be deeply curious to see if they actually manage to produce a viable antispam solution. I find the thing that almost everyone walks past when talking about antispam is that it requires reading other people's mail. gmail takes advantage of economies of scale to notice that the same phrase is appearing repeatedly in multiple messages from different names, for example. Spammers are clever and will figure out ways past everything eventually, so I like to ask people if they're willing to trade infinite spam for total email privacy.

Re:I note that antispam is "under development" (1)

Gibgezr (2025238) | about a year ago | (#44470275)

^^^^^^^ THIS!
18 years ago, my work email was pretty much spam free, and my private email was 50% spam. Fast forward to today, and my private email is **totally** spam free, and my work email is deluged (90% spam). Why? Because gmail reads millions of emails and filters better due to comparing people's mail, whereas my work email only has a small pool of mail messages to work with.

While I like the concept of email security, I am unwilling to part with "spam free" service.

Simple Fix (0)

Anonymous Coward | about a year ago | (#44470797)

Make every unknown contact solve a CAPTCHA upon sending an email to you; that will kill the economics of spammers.

Privacy-enhanced mail (1)

Animats (122034) | about a year ago | (#44470677)

From the site, there's not enough info to tell what security properties this proposal has. Mostly, they're just begging for money.

It might not be that hard to do privacy-enhanced mail [ietf.org] today. Both browsers and some mail clients (i.e. Thunderbird) accept plug-ins, so doing encryption and decryption on the client side is possible even for web mail. You could still use Gmail, but all Google would see are big strings of random-looking text. Your browser plug-in would decrypt that when displaying Gmail output. Of course, Google's indexing and ad matching wouldn't work.

The big problem is publishing and finding the recipient's public key. The 1993 PEM scheme wanted to do this with SSL-type certs, but that never caught on. Self-signed certs are vulnerable to man-in-the-middle attacks. But suppose that you published your public key on some social network (Twitter, Flickr, Facebook...) and your mail client checked your own key at random times. Then you'd detect if someone was messing with your public key. It's not airtight, but it's better than nothing, and any widespread tampering with public keys would be noticed.

None of this requires any cooperation from, or trust in, mail servers. It's entirely client-side, where it should be.

Email Works (0)

The Cat (19816) | about a year ago | (#44471525)

Leave it the fuck alone. The last thing we need is a room full of hornrimmed-glasses-wearing Haskell programmers humping some E-mail 2.0 inflatable doll and telling us how hot "she" is.

I can't think of a faster way to runaway piston-fuck society to death. SMTP is fine. Learn to use it before you start running your dumbfuck 19-year-old mouth about how things ought to be.

Two things to be aware of (1)

Fnord666 (889225) | about a year ago | (#44471577)

First, be aware that this project uses the Flexible Funding model. This is not like kickstarter; even if they don't reach their funding goal, any contributions you make still go to them. It's not an "all or nothing" deal like people are used to with kickstarter.

Flexible Funding

This campaign will receive all funds raised even if it does not reach its goal. Funding duration: August 03, 2013 - September 10, 2013 (11:59pm PT).

Second, there seems to be a bit of a contradiction on the timeline for this funding. The developers mention the following:

Our goal is to fund two to three man-years of full time work on Mailpile, with our first milestone in January 2014, when we will deliver an alpha version ...

Yet later they say (emphasis mine)

This is the Mailpile business model. As long as members of our community are willing to fund development (we will ask you to renew your membership in a years' time), we will dedicate ourselves to Mailpile and build the secure web-mail client you want.

Regardless of these inconsistencies, If they stick to the schedule then there should be a stable 1.0 release out during the first year of funding/development.

Following our alpha release, we will spend another 6-9 months fixing bugs, fleshing out features, responding to user feedback and getting the user interface translated to languages other than English. Our goal is to have a stable 1.0 release ready in the summer of 2014.

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?