
Mailpile – taking e-mail back - tim_hutton
http://www.indiegogo.com/projects/mailpile-taking-e-mail-back
======
harrytuttle
How many times do people have to say this:

_There is no such thing as secure email. Assume everything is being read._

You can't bolt security on (SSL, mailbox encryption, PKI). You have to design
it in from the start. SMTP/IMAP etc have crudely hacked on TLS implementations
which aren't even guaranteed to be operational site to site. PGP is just an
encapsulation which is rarely used.

It's a mess.

This is just a repackaging of the pile of hacks.

We need to start again and do it properly and consider: encryption, modern
content encapsulation (better than mime), authentication, PKI, secure storage,
mandatory authentication/authorisation and SPAM control.

~~~
moxie
I don't think Mailpile is potentially valuable because it immediately solves
the encryption problem, but because it solves the MUA problem.

All innovation in the secure email space has been blocked for the past 13
years by one primary problem: _webmail_. It is simply not possible to develop
a secure email solution if webmail is the only viable option for accessing
mail, so most people who would be interested in innovating here don't even
bother. If we can successfully make the transition back to local MUAs,
however, we might have a chance to try something new.

Even if we can't leverage it to get a full end-to-end mail encryption, here's
why I want something like Mailpile:

Right now, _every single email I receive is encrypted_. I have my public GPG
key on my mail server, and every incoming email that's not already encrypted
is encrypted using that public key. That way if anyone compels my VPS
provider for access, they just get a bunch of encrypted email. So my problem
isn't receiving or encrypting email, it's reading it. The only real option I
have right now is Thunderbird, which isn't great, and is no longer under
development. As a browser-based but locally-hosted MUA, Mailpile might be the
remedy to Thunderbird that we need.
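
The encrypt-on-receipt setup described above, written out as an added example that is not part of the original comment or of Mailpile: a delivery-time filter that leaves already-encrypted mail alone and wraps everything else as an RFC 3156 PGP/MIME message for one public key. The hook that feeds the message in (a procmail or Sieve rule) is assumed, as are the names `gpg_encrypt`, `encrypt_on_delivery` and the constructed `SAMPLE` message.

```python
import email
import subprocess
from email import encoders
from email.mime.application import MIMEApplication
from email.mime.multipart import MIMEMultipart
from typing import Callable

# Headers that describe the body; they move inside the ciphertext.
CONTENT_HEADERS = {"content-type", "content-transfer-encoding",
                   "content-disposition", "content-id", "content-description"}

# Constructed sample message (not from the thread).
SAMPLE = (b"From: alice@example.org\nTo: bob@example.net\n"
          b"Subject: lunch?\nMessage-ID: <1@example.org>\n"
          b"Content-Type: text/plain; charset=utf-8\n\n"
          b"Noon at the usual place.\n")


def is_already_encrypted(msg) -> bool:
    """True for PGP/MIME (multipart/encrypted) or inline ASCII-armored PGP."""
    if msg.get_content_type() == "multipart/encrypted":
        return True
    for part in msg.walk():  # a non-multipart message walks just itself
        if part.get_content_maintype() == "text":
            body = part.get_payload(decode=True) or b""
            if b"-----BEGIN PGP MESSAGE-----" in body:
                return True
    return False


def gpg_encrypt(key_id: str) -> Callable[[bytes], bytes]:
    """Encryptor that shells out to gpg; only the public key must be present."""
    def encrypt(data: bytes) -> bytes:
        return subprocess.run(
            ["gpg", "--batch", "--armor", "--encrypt", "--recipient", key_id],
            input=data, check=True, capture_output=True).stdout
    return encrypt


def encrypt_on_delivery(raw: bytes, encrypt: Callable[[bytes], bytes]) -> bytes:
    """Return raw unchanged if already encrypted, else a PGP/MIME wrapper."""
    msg = email.message_from_bytes(raw)
    if is_already_encrypted(msg):
        return raw
    # Inner entity: the original body with only its Content-* headers.
    inner = email.message_from_bytes(raw)
    for name in list(inner.keys()):
        if name.lower() not in CONTENT_HEADERS:
            del inner[name]
    if "Content-Type" not in inner:  # make the RFC 2045 default explicit
        inner["Content-Type"] = "text/plain; charset=us-ascii"
    ciphertext = encrypt(inner.as_bytes())
    # The outer envelope keeps From/To/Subject/Date/Received in clear: this
    # is the routing metadata the scheme does not hide.
    outer = MIMEMultipart("encrypted", protocol="application/pgp-encrypted")
    for name, value in msg.items():
        if name.lower() not in CONTENT_HEADERS | {"mime-version"}:
            outer[name] = value
    outer.attach(MIMEApplication(b"Version: 1\n", "pgp-encrypted",
                                 _encoder=encoders.encode_7or8bit))
    outer.attach(MIMEApplication(ciphertext, "octet-stream",
                                 _encoder=encoders.encode_7or8bit))
    return outer.as_bytes()
```

In production the filter would be invoked as `encrypt_on_delivery(sys.stdin.buffer.read(), gpg_encrypt("<KEY-ID>"))` and its output handed back to the local delivery agent.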

~~~
enterthemist
Firstly, I want to applaud mailpile for their efforts. Next, I'd like to
respond to you with what our product is aiming to solve (because that is what
I know best).

> All innovation in the secure email space has been blocked for the past 13
> years by one primary problem: webmail.

We are working on solving this very problem. We do this via js crypto. The
main problem with js crypto is modification of the crypto with the transfer.
We aim to solve this via having a browser extension be the default js store
(so that all the crypto is verifiable by outside sources).

> That way if the anyone compels my VPS provider for access, they just get a
> bunch of encrypted email.

This is also true of any service which provides end-to-end encryption (With
the exception of the plaintext headers).

> So my problem isn't receiving or encrypting email, it's reading it.

We use SMIME for encryption which is supported by a variety of clients:
Outlook, iMail, and our own client. For internet mail, as I said, we are
working on browser extensions for gMail.

The main problem that this does not solve is the routing and timestamp
metadata problem as that is still necessary for the transfer of the email.

~~~
kamjam
How trustworthy is the js crypto? For a long time people believed hushmail to
be safe:
[http://en.wikipedia.org/wiki/Hushmail#Compromises_to_email_p...](http://en.wikipedia.org/wiki/Hushmail#Compromises_to_email_privacy)

Regardless of how safe it is, the problem is still social engineering hacks,
key loggers etc (you'll always have this issue) - just wondering to what
lengths a government will go...

~~~
enterthemist
Some key differences are that we do not store your emails, your email provider
does. We do not ever, at any point, have access to your unencrypted keys.
Therefore, we cannot, even if forced to turn over access to your data. That
being said, as with all secure systems there may be bugs. The client however,
is (will be) open source so that everyone can help solve whatever problems
that may arise. The key point is that the architecture is set up so that we
don't ever need access to your keys or data.

~~~
kamjam
So now I really don't understand how this is any different from using
Thunderbird and EnigMail/PGP to encrypt your mail - and if I've understood
correctly then it actually isn't any different, you are just providing a
glossier interface.

I think it's a worthwhile project, but beyond the tech community, I'm not
entirely sure how much traction usage will get... Thunderbird/Enigmail is a
PITA to set up and use for sure. A step in the right direction, but all m00t
unless everyone is using encryption and it becomes the de facto standard when
communicating via email.

~~~
enterthemist
It is different in that it creates a key distribution interface for the
average person. This interface allows things like decrypting emails in the
browser and transparent security. It also allows you to know who has security
and who doesn't (this allows people to incrementally start using encryption
without the headaches of wondering who else is using it). These are problems
that are not solved with any PGP type interface today.

I think that what you are missing is that the server stores _encrypted_ keys,
rather than no key.

~~~
bradleyjg
Lavabit had a similar architecture, only with the password could the
server-side email be unencrypted. Although we don't know for sure, it appears
that the government insisted that they trojan their client side code to
retrieve the password.

Your secret sauce, if I understand it correctly, is open sourcing the client
side code and providing some mechanisms to assure end users that what they are
executing matches the publicly published code.

That makes sense to me, but I don't see why you wouldn't go one step further
and store the secret key in the browser plug-in. Is it a multiple-installation
issue?

~~~
enterthemist
> Your secret sauce, if I understand it correctly, is open sourcing the client
> side code and providing some mechanisms to assure end users that what they
> are executing matches the publicly published code.

Yes, the js client is fully intended to work exactly this way.

> That makes sense to me, but I don't see why you wouldn't go one step further
> and store the secret key in the browser plug-in. Is it a multiple-installation
> issue?

There are a few issues here.

1. The first is the general crypto principle: minimize your TCB. I want the
key to have to touch as few places as possible. For this reason, I have plans
on moving the keys from the server to a client's machine(s). Doing so, however,
involves a lot more problems including: NAT and the lack of a fallback. In the
future, when I have more time to work on these details, I want to try and make
that an option for people.

2. Another problem with placing the key in the browser is as you say: it
allows anyone who is able to access the browser to access your key (including
malware and other users).

3. Lastly, where would this key come from (remember rule #1: the server never
has access to an unencrypted key)? If it is generated on the local machine
that would then mean that you have no way of distributing it to your other
machines (or at least not in ways that your grandmother will be able to do).
Even if there were some super snazzy interface, it would be prone to attack as
well.

~~~
bradleyjg
Thanks for the response. I would look back at some of the articles that came
out on the iMessage protocol several months back. They face a similar key
distribution problem given that iMessages can potentially be delivered to
multiple devices. I don't remember if the reverse engineering ever figured out
exactly how they cracked that nut, but I seem to remember that there were some
reasonable hypotheses.

------
HerraBRE
Hey all! Mailpile tech lead here. Just wanted to say THANKS to those of you
who helped make this happen so quickly.

Improving e-mail security, flawed as the underlying protocols may be, is long
overdue. We don't promise perfection, but we do have clear ideas about things
that can be improved and how. We strongly believe in a pragmatic, backwards
compatible approach that helps people slowly migrate to better habits.

For some background on the wider philosophy of the project, check out the
slides from my OHM presentation where I launched this:
[http://mailpile.is/files/OHM2013%20-%20Rescuing%20e-mail%20f...](http://mailpile.is/files/OHM2013%20-%20Rescuing%20e-mail%20from%20the%20cloud.pdf)
- this project is as much about rebooting FOSS e-mail development and
fostering decentralization, as it is about encryption and security.

We will be posting more details to our blog at
[http://www.mailpile.is/blog/](http://www.mailpile.is/blog/) as soon as we get
stuff written down. :-)

------
devx
Why even bother with S/MIME? How long until the government corrupts the
certificate for it if Mailpile becomes as important to them as Lavabit was, in
the future? And I hope their PGP implementation is _really_ user-friendly.

This sounds like more of the same of what we've had so far, perhaps with the
ability to become a little more mainstream, but I don't see any breakthroughs
in terms of encryption here, like say the way Bitmessage is. I think that if
we want NSA-proof secure messaging we'll need to come up with new stuff, and
not just use the same old PGP with centralized email databases.

This could definitely be a (very short-term) win against NSA if say Gmail
implemented PGP in a very user-friendly way, but for something starting from
scratch, I'd rather it was a breakthrough in security.

~~~
mikegioia
> Why even bother with S/MIME? How long until the government corrupts the
> certificate for it if Mailpile becomes as important to them as Lavabit was,
> in the future?

The way I see it, Mailpile won't be issuing certificates for people to use,
they merely enable you to use your existing certificate infrastructure.

I have a machine with a certificate authority that issues S/MIME certs for us
to use internally for sensitive emails. Currently we use Thunderbird and Mac
Mail to handle this but people like web mail and we need a system that can run
a web interface (or phone app) to handle these certificates.

~~~
noselasd
I'd say the people that can set up and manage their own CA, and the people
that need a new mail client to be able to send/receive encrypted email are
non-overlapping groups.

If you're right - what does Mailpile solve?

~~~
mikegioia
The reason why I need something like Mailpile (and the problem they will
hopefully solve) is to have a client-side app with a user-friendly system for
managing S/MIME certificates.

I can set up the CA and generate user (employee) certificates on my own,
there's no way the end-user should have to do that. But what's frustrating
right now is that the current tools for configuring S/MIME signing and
encryption for email either (a) don't exist, or (b) are heinously complicated
to use.

Have you ever tried getting S/MIME certificate auth set up in Mac Mail? It's
doable but I had difficulty walking my tech-savvy brother through the process
over the phone.

If Mailpile has a simple method of selecting a certificate file for an email
account then the hard part is done IMO. The process just becomes IT issuing
new certificates every year to employees, and employees uploading said
certificates through their (web) mail app.

The biggest value here is having a web mail client, hosted locally, that can
support PGP/SMIME in a user friendly way. Then signed/encrypted emails are
that much easier to configure for the masses.

------
jvehent
* User-friendly support for both OpenPGP and S/MIME encryption and signatures

* A very fast, scalable search engine

I'd like to know how they achieve both without having the keys, and without
shipping code (JS, java applet) that has access to the keys.

Also, excuse my lack of trust, but why should I trust a SaaS created by a
Google employee, as opposed to trusting a SaaS created by Google? That makes
no sense to me.

If you're worried about privacy, store your own emails. Period.

~~~
HerraBRE
This is not a SaaS. This is an open source mail client you run yourself. So
that's why. :-)

~~~
jvehent
I had missed that. Thanks for clarifying.

------
mikegioia
I'm surprised how fast it happened! With 22 days left it may get high enough
for them to bring on another developer.

------
ghc
Okay, so we're crowd-funding an email client now?

Is there any reason to not just put up all of my random project ideas on
indiegogo and see if they get funded? If I'm having trouble financing the
development new features for my SaaS application, should I just create a
funding project for it?

Because I'm really not seeing the difference between that and this...I wish
someone could explain this phenomenon to me.

~~~
nollidge
> If I'm having trouble financing the development new features for my SaaS
> application, should I just create a funding project for it?

Sure, why not? No one is stopping you.

> I wish someone could explain this phenomenon to me.

Many people invest small amounts of money in a person or group of people.
There are risks, like any investment, and the payoff is a product which the
investors will find useful or entertaining.

~~~
Zoomla
It is not really an investment, it is more like charity... you more than
likely never get more than what you paid for and you have a risk of losing it
all.

~~~
nollidge
> you more than likely never get more than what you paid for

They tell you beforehand exactly what the payoff will be. If that doesn't
sound economical to you, you don't pay in. There's absolutely no deception
here. There's no promise of riches. There's just a promise of a product that
is worth what you paid for it.

> and you have a risk of losing it all.

...which is exactly like every other investment in the history of commerce.

~~~
Zoomla
But you have 0 chance of getting back more than what you spent, unlike an
investment (the reward is always worth less than what you spent, if you think
about it as an investment).

------
tim_hutton
Title as submitted: "Mailpile is funded - secure email for everyone"

------
samuelfine
Each time someone attempts to make email more secure, the HN response is "no
use! need to start from scratch, do it right!"

So, I guess what I'm saying is:

1) Are you working on an inherently-secure messaging protocol? Awesome! Link
to the project?

2) If you're not, shut the fuck up. Any improvement is better than no
improvement, and dismissing any attempts to fix some of these problems while
you wait for The Perfect Solution™ is why we're in this mess in the first
place.

------
Fuzzwah
I think these 3 guys convinced me to chip in for this project mostly due to
their hair.

------
madcat123
It seems to me it's time email followed the file-sharing industry and moved to
a distributed, peer-to-peer system. End-to-end encryption and no servers to
shut down... There's a couple of research papers on the topic:

[http://www.computer.org/csdl/proceedings/cse/2008/3193/00/31...](http://www.computer.org/csdl/proceedings/cse/2008/3193/00/3193a203-abs.html)

[http://www.freepatentsonline.com/y2009/0144380.html](http://www.freepatentsonline.com/y2009/0144380.html)

------
aidos
Congratulations on getting the funding. I really hope that over the next 22
days it's pushed much higher so you can develop the product faster.

I installed the current version last week to have a play. Even in its current
state it's very promising - too far away to really be used yet but once it
matures it could be a great product.

------
bane
Maybe the better solution is a completely new distributed delayed messaging
system that works just like e-mail, but fixes all the crustiness and problems
that we know about these days.

There's very little that's more demoralizing than spending months cultivating
a relationship with somebody in a company you want to work for, getting
glowing recommendations, prepping yourself diligently for the interview then
showing up to a cattle call where half the interviewers can't even be bothered
to show up and the recruiters are a blind mess the entire day.

You aren't even being treated with basic human dignity at that point, there's
no respect for your time and you've just wasted a good deal of effort to get
into a hiring process where the candidates are selected for non-interview
talents anyways...like what school they graduated from or the roll of some
dice.

------
brown9-2
So there are no actual "perks" for the $1 and $8 contribution levels listed
under the "Select a Perk" table?

_$1 Binary E-mail User: You're part of the revolution, baby! - the
revolution that started in the 1960s with the creation of the first e-mail
systems.

$8 Futurist Telegrapher: Having not spent a dime on webmail for the last
decade, you've realized that the telegraph operators of the world have been
keeping copies, and it's time to change that. Thanks for helping us help you!_

So what do the contributors actually get for $1 or $8?

~~~
roryokane
They get nothing. I think those “reward” levels are just a cute way to trigger
anchoring
([http://en.wikipedia.org/wiki/Anchoring](http://en.wikipedia.org/wiki/Anchoring))
and make the job of choosing how much money to give easier by suggesting some
choices. In fact, the $13 contributors don’t get anything extra either – they
get “access to Mailpile's online source code”, but that’s already available at
[https://github.com/pagekite/Mailpile](https://github.com/pagekite/Mailpile).

------
umsm
I would like to mention that the details of this project seem a little sparse.
For a truly secure solution, this system will need to (1) define a secure
standard and (2) allow domain owners to personally host this system which can
connect to legacy mail servers as well as the "new" secure standard. This way,
when persons communicate within the same email domain and between secure
systems, the communication can be considered secure.

Just my 2 cents I guess.

A system like this can succeed, but I think it's too early to judge.

------
616c
What bothers me a little is this is basically a reinvention of the wheel for
sup-mail, developed by a Twitter developer and was/is very cool (I use it on
Mac occasionally for backups of email I have in a Maildir). Mailpile would add
the web interface, and they just started transitioning to that idea in the sup
community, calling it heliotrope.

[https://github.com/sup-heliotrope/](https://github.com/sup-heliotrope/)

------
tokenizer
So will this bypass PRISM-like surveillance methods?

~~~
swdunlop
Not at all.

"Mailpile will download your e-mail from a mail server much like Thunderbird
or Mail.app and process it locally."

PRISM and other efforts at tracking associations operate at the server and
header level; this is not a useful countermeasure. It may reduce the amount of
mail you leave on the server -- but so would a reasonable mail reader
configuration.

~~~
aravenel
If it makes it easier to use encrypted email, then it does a little: any
emails with someone with whom you have exchanged keys would be encrypted, and
thus while they do indeed still fly across insecure channels, they are
(presumably) uncrackable.

Obviously, the vast majority of emails would still be unencrypted, and this
does nothing for metadata. But anything that makes encryption less cumbersome
to use is a good thing in my book.

------
mope
Great work guys, it would be great if this takes off and introduces PGP to a
wider audience. Maybe one day we can stop sending electronic postcards to each
other. Now if only someone would restart Mixminion development...

------
soapdog
Genuine question: If this is open source, how come USD23 gives you access to
source code?

I think this is a great product and will contribute but I could not understand
this part about the source code.

------
ptaffs
As ever, the criminals and terrorists have already solved the problem; they
communicate privately using closed community forums (search for
"carding/carder forums"). The people left using SMTP e-mail are mostly PETA,
EFF and other political groups the government is interested in monitoring.

------
orestmayski
I have no idea what the end product will actually look like, but I have the
greatest hope for it.

------
meapix
Ray Tomlinson screwed us all up

------
ebbv
This seems drastically overpriced. $4k/month for a year just to develop a
webmail CLIENT?

Crowdfunding really is the modern pyramid scheme.

~~~
pessimizer
I'd charge twice as much.

