

Mitro is Shutting Down on August 31st - boristhespider
https://www.mitro.co/shutdown.html

======
alexggordon
I've used Mitro ever since I heard about it. It's been really fantastic to
use, and the team did an incredible job creating it. It has everything I look
for in a password manager, even without any updates or changes since it's been
open sourced.

On a different note, even though I'd pay to use it, after following the Google
Group pretty closely, it seems like Mitro has been unable to foster any sort
of development community in the short time the project has been open source. I
would have loved to help, but mitro-core is written in Java[0], a language I
have little experience with (I don't count my Data Structures class in
college).

I'm curious if the demise of Mitro could be a useful case study of how not to
open source a big codebase. It seems that they're shutting it down primarily
because of lack of development interest, including lack of interest from the
original creators. It could be naturally assumed that they were "expecting" a
community to form around Mitro, and embrace the open sourceness of it, but
that obviously didn't happen. I wonder if the founders would have done
something different with the way they open sourced Mitro, given what has
transpired.

[0] [https://github.com/mitro-co/mitro/tree/master/mitro-
core](https://github.com/mitro-co/mitro/tree/master/mitro-core)

~~~
hga
Open source Firefox took a _long_ time to get anywhere, from Jan 1998 to Sept
2002 for initial release; as Jamie Zawinski when he checked out in March 1999
([http://www.jwz.org/gruntle/nomo.html](http://www.jwz.org/gruntle/nomo.html)):

 _Open source does work, but it is most definitely not a panacea. If there 's
a cautionary tale here, it is that you can't take a dying project, sprinkle it
with the magic pixie dust of ``open source,'' and have everything magically
work out._

------
coherentpony
I'm pretty stunned by the number of projects or services I discover exist by
people posting their "X is shutting down" announcements on HN.

~~~
aytekin
That might explain why they are shutting down.

~~~
evanj
Pretty much. It turns out that marketing is hard. :)

------
minimaxir
They were apparently acquihired by Twitter a year ago:
[http://techcrunch.com/2014/07/31/twitter-
mitro/](http://techcrunch.com/2014/07/31/twitter-mitro/)

So not unusual.

~~~
biturd
Even @twittereng replied saying "welcome to the flock" so indeed they were
acquired/aquihired by twitters.

------
gingerlime
Such a shame to see it go. A fantastic password manager to use. Amazingly
slick interface, cross-platform support, intuitive UI. We would have happily
paid for it (we can't afford $200/month, but maybe $20 or $40 - we're a small
team of 5 people using it).

Big thanks to the Mitro team for keeping it alive until now. I'm still hopeful
that this imminent closure will prompt someone to pick up the open-source
project and keep it alive for longer (but understand that it's not an easy
task).

~~~
mistermann
Honestly, you'd pay $4 to $8 per month per user for a password manager?

~~~
josegonzalez
At SeatGeek, we use Lastpass. I don't personally know what it costs - yes, I'm
a lazy operations person - but it seems like it might be $24 per person at our
size[1].

I personally use 1Password and if it had group password sharing, I would be
lobbying to switch every day of the fucking week. The lastpass interface is
confusing, slow, and ugly (I've beens spoiled by the spit and polish we've
built). $8 per person compared to what we may be paying now seems very small,
so it's probably not unreasonable (to be fair, enterprise pricing is hella
weird).

\- [1] [https://lastpass.com/enterprise/pricing-
roi/](https://lastpass.com/enterprise/pricing-roi/)

~~~
kirushik
Isn't it $24 for a year of subscription?

~~~
josegonzalez
Thats what I get for not reading :(

Is/was Mitro $8 per person per year?

------
klapinat0r
I've also used Mitro ever since I first saw it, and I'm really sad to see it
go (had plans to implement the server in python, but at the risk of overseing
a security flaw I opted not to)

Lately I've been looking at pass[0], do any of you have experience running
this (with git)?

[0] [http://www.passwordstore.org/](http://www.passwordstore.org/)

------
misterdata
I only had a brief look at the source code (it's over at Github) but it seems
one could easily run their own server?

~~~
weitzj
yes. you can do this failry easy. There are ansible playbooks and some
readmes. There is some mailservice baked in, which you might have to change.

The only 'harder' part is (the last time I tried): You have to build the
browser extensions you want to use, and override the path to the mitro server
to point to your server. The config file is all centralized. So you change it
once and can build all extensions at once. I did not find an options to
customize the mitro server via the extension itself. (this is probably a good
thing).

To get your customized extensions to your users, you might have to create an
extra download site or fix the links in the mitro webpage.

~~~
sethammons
that makes me wonder if it would not be an interesting idea to have a plugin
that points to a known proxy and you register your host with it. then the
operations cost is low, a single plugin can be released, and you control the
server and data. just a random thought (typing on mobile with no spelling
check, please excuse typos).

~~~
vijayp
A password manager really needs to be a high-availability service -- it should
work even (especially) when AWS is down. Since our service (intentionally)
does not cache secret data on the client, running a proxy is not substantially
easier than running our service. Plus we'd have to write this proxy :)

------
nstart
They've put out the indication as early as March this year. Just found this:

@MitroCo's Tweet:
[https://twitter.com/MitroCo/status/577435506524336128?s=09](https://twitter.com/MitroCo/status/577435506524336128?s=09)

------
shmenwan
This was a fantastic program and it saddens me greatly to see it go. I hope
that someone will pick it up again, or perhaps find a way for the rest of us
to run our own servers, since switching to another password manager that
doesn't do as good of a job (at least not for free) is going to be quite the
inconvenience.

~~~
vijayp
The code is open sourced as GPL3, you should be able to run your own server
pretty easily. Please let us know if you have issues.

[https://github.com/mitro-co/mitro](https://github.com/mitro-co/mitro)

------
someear
I assume at $200/month it somehow becomes worth it to keep going as someone's
side project? I can't imagine twitter would keep it around for that little
revenue (unless the acquihire from last year was simply just a hire, without
buying the legal mitro entity)

~~~
gingerlime
it seems to be the case. According to [0] Twitter just hired the devs without
the legal entity behind Mitro, and seems like with no intention of supporting
the project going forward.

[0][https://groups.google.com/d/msg/mitro-
dev/cgFhvuPyUiE/o-sFkE...](https://groups.google.com/d/msg/mitro-
dev/cgFhvuPyUiE/o-sFkEQ5VBoJ) ( _Legally speaking: Mitro is run by Lectorius
Inc, which has no legal relationship to Twitter Inc. It is a wholly owned
independent company._ )

------
Immortalin
I am interested in taking over. I have a business idea for it, maybe it might
just save the project.

~~~
vanmount
Can you provide a bit more info? I'd be interested in maintaining the project
as it is right now in my spare time...

~~~
Immortalin
Email?

------
imrehg
Oh, no, too bad! Mitro is a real life-saver, using it since the very
beginning... This will be quite a step back for my web-usage-happiness-level.

I was wondering how will they make money, and looks like I need not to wonder
any longer :(

------
hyperpape
It's not long, but why leave a week where you can create new accounts for a
dying service?

~~~
evanj
There are some companies using it. It is possible that on-boarding a new
person RIGHT NOW while they figure out their long-term solution is helpful.
Small possibility, but I want to make this transition as easy as possible.

------
philippnagel
$200/month for the whole technical infrastructure?

~~~
vijayp
Yeah, our largest costs are: \- a primary server running on AWS \- a read-only
replica running on google compute engine. Other smaller costs include
networking, DNS, and various tax/administrative/regulatory fees

~~~
shawnb576
How much of this is the $$$ and how much is the effort?

IOW, if this thing was to generate $500/month, would you keep bothering to
operate it?

I happily pay $24/year for NewsBlur. I would happily pay/donate at that rate
for Mitro.

And it sounds like _just_ the people in this thread would get you pretty close
to $200/month given a model like that. I know more that would.

As other commenters said, the platform integration and password sharing are
really, really great.

~~~
evanj
Sorry for the delay. The monthly costs (which are actually closer
~$800-1000/month), are a small part. A bigger worry is if we take money from
people, we really have some obligation to provide "reasonable" service. We've
had relatively few system-administration incidents so far, but I'm concerned
about something happening when we are on vacation or busy with other things.

Worst case scenario is Chrome changing how extensions work, which requires us
to actually write code, or someone finding a serious security vulnerability.

As a conclusion: It really would take more like a total of $3000/month in fees
to make it worth someone's time to deal with the paperwork, the
administration, and to be willing to be on call. It seems unlikely we'll get
there, but I'm investigating the possibility.

