
Pluto Mail – Unsend Emails - sazpaz
https://www.sendpluto.com/about
======
lutusp
The linked article claims that an e-mail can be deleted from the recipient's
email in-box, regardless of whether the recipient is running a Pluto client.

Earth to Pluto ... assuming the received e-mail is a classic plain-text
e-mail, that's impossible. Either the recipient is running a Pluto-compliant
client, in which case the claim is true, or the recipient is not running a
Pluto-compliant client, in which case the claim is false.

The only way this could work is if the received e-mail has content linked to
Pluto's site (example would be an HTML e-mail containing an iframe with hosted
content), where the real e-mail is located. So ... they should be honest and
say that.

~~~
davycro
I just tested this service with gmail and it did in fact work. Pluto sends an
image that contains the body of the message. After about 30 seconds the image
is replaced with another that says "this message has expired."

A very remarkable hack! Especially since Gmail caches images on their own
proxy servers. I wonder how long until Google finds a way to prevent this?

Here's some background information about the founders. One is a CS grad from
Stanford, and former Google employee--
[http://www.thecrimson.com/article/2014/4/2/law-school-
email-...](http://www.thecrimson.com/article/2014/4/2/law-school-email-
startup/)

~~~
ceejayoz
> A very remarkable hack! Especially since Gmail caches images on their own
> proxy servers. I wonder how long until Google finds a way to prevent this?

I don't think they cache. It's more an issue of privacy, HTTPS assets, malware
checking, etc.

[http://gmailblog.blogspot.com/2013/12/images-now-
showing.htm...](http://gmailblog.blogspot.com/2013/12/images-now-showing.html)

------
h2s
Worth bearing in mind that this is effectively DRM for email, with all the
negative connotations that DRM brings.

~~~
teacup50
It's already bad enough that people put dropbox links in their e-mails,
negating the value of long-term e-mail archiving.

It's extremely useful to be able to go back in time and have full conversation
history, including associated resources.

~~~
chimeracoder
While I agree with this, I find it equally annoying when people send 3MB
attachments as emails (and then keep resending them for every email in the
conversation!).

It would be nice if a Dropbox link included a hash of the file, functioning
more as a magnet link than a URL (emphasis on the "L - Locator" in "URL").

~~~
teacup50
> _While I agree with this, I find it equally annoying when people send 3MB
> attachments as emails (and then keep resending them for every email in the
> conversation!)._

Why? I don't think I've deleted a non-spam e-mail since ~2001; e-mail-scale
storage is cheap.

------
huhtenberg
The only way all claimed features can work is if the email body remains on
their servers at all times. I.e. they send some sort of wrapper that either
iframes the content or talks to the Pluto backend in some other form or
fashion. Needless to say - good luck with that!

~~~
eli
No iframes in email. I bet it's rendered as an image.

Either way, you're trusting them with the contents of a message that, by
definition, you kinda wanted to keep private.

~~~
jgalt212
I guess so, but that's the same situation as it is with any other email
provider (yahoo, gmail, etc). The difference here is that you are only
trusting Pluto. With other providers, you are trusting the provider and all
recipients, whether they are an intended recipient or not.

In short, there is no free lunch, but this seems like a decent solution as you
only have to trust one entity. Its up to us (potential users) to decide to
trust them or not.

~~~
dgobaud
Indeed there is no free lunch and until email end-to-end encryption is widely
supported, the unencrypted content is going to be stored somewhere. Pluto has
an easily accessible eliminate option that deletes all copies of the email
from our servers (and given the way Pluto works, also the recipient's access
to the content). You can click “Eliminate all emails” on the top right signed-
in home page to eliminate all emails or you can do it on a per-email basis by
clicking “Eliminate Completely” in the top left of an email details page. We
also support an auto-eliminate setting that eliminates an email from our
servers upon unsend or auto-expire.

David Gobaud, Co-Founder @ Pluto Mail

------
mkhpalm
Well, at least I'll know why I can't see certain people's emails. ;)

------
mariusz79
If people decide that this is a good idea, I will have to an add automatic
reply with something like

" You use this crappy service either because:

\- You didn't spend enough time thinking about that email because you either
want to edit it later, or delete it from my mail box

\- You expect me to answer by some specific date, which implies you want me to
be on your schedule.

\- You want to violate my privacy by tracking if and when I read your email.

You also require me to use a third-party service to read your email as a text.
That's unacceptable.

Remember you're trying to contact me, no the other way around. Send it plain
text or don't send it at all. "

------
knz42
There are a number of fundamental issues with this service.

1\. As a recipient my privacy is violated: a signal is sent automatically to
the sender _without my consent_ to signal when I open the message. A co-
founder argues "the feature exists with other systems already": the difference
is, these other systems are opt-in: as a recipient, I agree explicitly to read
acknowledgements when I choose to download the alternative messaging client.
As an e-mail recipient, I do not agree to this "service" and it is unethical
to force it upon me.

2\. The "expire" feature breaks the workflow of most e-mail users I know,
including myself. Most users will first open an e-mail, quickly scan it, then
mark it for later in-depth processing. If the expire timer starts at the first
open, chances are the e-mail will have disappeared by the time the recipient
re-opens it later.

3\. The service breaks search: with Pluto mail stored at Pluto's servers, it
is not possible to search across both Pluto and non-Pluto e-mails in one
query.

4\. The strategy to "provide e-mail client plugins" is not scalable obviously,
due to the wide diversity of clients actually used. (Did the founders make a
market study of which clients are actually used? On mobile, my own analysis
shows there are at least 6 different apps in wide use. On desktop, at least 4.
The development overhead of providing plugins to all is huge.)

~~~
dgobaud
Thanks for your comments.

1\. Most email open tracking services do not alert the recipient (or require
opt-in). Tracking email opens is basically standard practice these days. We
don’t have numbers but I bet the majority of marketing emails track opens.
Also, many new services such as Streak, Yesware, and ToutApp track opens
without opt-out ability or downloads. The only similar service that we know of
that has a time-limited opt-out option is Boomerang.

2/3\. Pluto’s goal is to change the way people think about email. If an email
is going to expire in a few minutes/hours does search matter? Pluto may not
make sense for your business emails and that is ok. We are providing an option
for people to use for emails that they don’t want to follow them for the rest
of their life.

4\. It is a big task and we’re working on ways to make Pluto as accessible and
easy to use as possible.

David Gobaud Co-Founder @ Pluto Mail

------
capybaraz
Thanks for the comments everyone. Given the low cost of storage, today the
default assumption is that email and anything you post online is permanent.
The grand vision of Pluto is to grant people more control over their online
footprint, starting with email. We realize Pluto is not a complete solution to
“email privacy.” However, Pluto is an improvement over how email works by
default.

David and I hate the fact that, as soon as we hit send, we lose control of who
can access the content and for how long the content can be accessed. We know
that Pluto may not make sense for all emails but we believe there is a large
set of emails for which it does. We also know there is a niche of users (like
ourselves) who want most of our emails to expire.

If you all have any more questions, please email me @ lindsay@plutohq.com.
Thanks :)

Lindsay, Co-Founder @ Pluto Mail

------
ceejayoz
Interesting approach, but the image approach means if they go down, your email
all disappears.

~~~
gingerlime
also, you can't search, copy&paste, reply inline. That's not email, it's like
sending someone a fax.

~~~
dgobaud
Pluto allows you to select, copy, and paste from the text version accessible
via the link, though it does have search limitations. For our active users,
the inconvenience is an acceptable tradeoff for being able to limit their
email footprint. Search is also much less important if the email will soon be
expired.

However, we are working on email client plugins that will enable inline
reply/copy/paste and search to improve the Pluto experience.

David Gobaud, Co-Founder @ Pluto Mail

------
asadlionpk
Good effort. But the idea is kinda broken to me. Very much like snapchat is
never going to actually work like it is advertised.

------
joshribakoff
This is constructive criticism, but your landing page is like really wordy, to
the point the average user would not take the time to read it all. I wonder if
it could be improved by putting more pictures & less words?

~~~
capybaraz
Thanks for the feedback! I agree that it is a bit wordy -- we will look into
redesigning the landing page.

Lindsay, Co-Founder @ Pluto Mail

------
nkrba
This sounds great. Maybe 2014 will be the (attempted) return of privacy.
Anonymous messaging, expiring emails, pseudonymous payments, etc.

~~~
mariusz79
Privacy? If you want to track when I read your email, your violating my
privacy.

~~~
capybaraz
Thanks for voicing your concern. Several applications out there (e.g.
Mailtracker, Streak, etc.) provide tracking capabilities that include details
on the recipient’s location, device, and number of opens. We at Pluto decided
to only track the time that the email was first opened because we calculate
some expiration times based on when the message was opened (e.g. email expires
1 hour after open). If we did not display this information, the user could
always calculate it anyway from the email’s time of expiration.

David and I are both concerned about privacy, however, so we may implement an
option to obscure tracking details in the future.

Lindsay, Co-Founder @ Pluto Mail

------
ecnahc515
This reminds me of priv.ly which allows you to always retain full control of
your content

