Slashdot Mirror

← Back to Stories (view on slashdot.org)

New, Privacy-Oriented, FOSS Web-mail: Mailpile

Posted by Soulskill on from the piles-of-mail-are-hard-to-spy-on dept.

New submitter Juggler writes "Mailpile, a new Free Software project out of Iceland, launched at the #OHM2013 hacker festival in Holland today. The talk's brief demo garnered rounds of applause and was followed by the launch of an Indiegogo campaign which, if funded, will allow them work full time on building a modern e-mail/web-mail client. The team's main goals are to address the usability issues that prevent non-technical folks from taking advantage of secure e-mail today, bring new life to FOSS e-mail development and provide a realistic alternative to keeping e-mail in the cloud."

17 of 116 comments (clear)

  1. antiquated system by Anonymous Coward · · Score: 2, Interesting

    The real problem is that email is antiquated, are far more complicated than it needs to be. Instead of bolting a new face on it, make a better protocol.

    1. Re:antiquated system by whois · · Score: 5, Interesting

      I've been considering a kickstarter for a new version of SMTP, while at least for the moment leaving IMAP alone. Specifically, the way headers are appended to mail in transit is unsupportable in a secure environment. The things I'm considering is that there doesn't have to be a flag day, you just need the vendors of several heavily used MTA's to support it as an option, then once 99% (or whatever number your company deems appropriate) of your email uses the new format you turn off the old.

      This was poopoo'd in the past because there were 10s if not hundreds of thousands of email servers. Now people have pretty much stopped hosting most email and turned it over to google, yahoo, microsoft or one of the other major players. Therefore you're no longer faced with trying to get everyone to change things. You only need 5 major companies to change, and hopefully they're interested in the new protocol as well (nobody likes SMTP as it is, the question is can you get everyone to agree to some consensus of next generation email then move forward with it)

      DJB's pull based email thing could be a part of this, maybe not the exact idea but something along those lines:

      DJB's IM2000 (http://cr.yp.to/im2000.html). While I don't think all mail should be stored on the originating server, I think a mix could be used to provide more flexibility. Mailing lists could leave all the mail on the server, since a bunch of readers never read every message there isn't a point of exploding it out to thousands of mailboxes (except for reliability, and that could be gained by mail->nntp for public mailing lists)

      Requiring domain keys could also be useful, since headers wouldn't be modified, just appended and signed.

      If people are interested in crypto/privacy aspects, emails that aren't delivered but instead picked up by the recipients don't leak metadata like To, From.

      It's probably best to approach this through the IETF, despite failures to make broad sweeping changes in the past, a new working group might be the best choice to get the interested parties involved.

      Tangent here:

      I also think that email clients need to be brought back and worked on. Thunderbird died because of two reasons: 1. Mozilla couldn't find a way to monitize it, and 2. Their biggest email competitor (gmail) and biggest contributor (google search) had already found a way to monetize email and thunderbird wasn't seeing significant updates at that point.

      Other stuff I'd like to see in thunderbird:

      Contact pictures on email (not something I think I would use, but nice for people used to facebook/twitter/etc). Integrated IM/Skype/Phone so you can effortlessly change the medium you're communicating through. Also the ability to send calendar events through IM or SMS would be nice.

      Real synchronization. That includes plugins and every setting via a service like weave that is secure. This would also sync your passwords and gpg keys. Actually a generic weave-like framework that could be integrated with pidgin, thunderbird and other open source apps to sync across machines would be great. That would also fix major issues with pidgin's OTR.

      So the reason I never kickstarted it is the same reason Mozilla doesn't work on thunderbird anymore. I have no idea how to monetize it in a way that would be long term sustainable. Users hate adds, they hate paying for software. Maybe an addon store, but that just means you're subbing the good development work to other people and then making the users pay to fix the things wrong with your app.

    2. Re:antiquated system by TheSeatOfMyPants · · Score: 2

      That email has been around for a long time doesn't automatically mean it's "antiquated" or in need of a rewrite. It fulfills the most important goals:
      -- send & receive messages over a secure connection
      -- use any client we want, whether local, networked, web, in a remote shell...
      -- read & send when it's convenient (non-live)
      -- email back-and-forth right away (eg. if chat services aren't allowed)
      -- style the letter as a document via WYSIWYG editor or hand-coded HTML
      -- or send plain text, no formatting/HTML
      -- embed all forms of media
      -- request to be notified when our recipient reads the message
      -- refuse to let our client notify someone that asked when we open it ;)
      -- download the messages as an archive, leave them on a server, or both
      -- interact with anybody regardless of what companies host the accounts
      -- host our own servers & personal domain

      Let's be honest here... If our generation(s) of developers tried to create an equivalent "electronic mail" type of service, we wouldn't get a standardized protocol for all servers to follow -- we'd end up with a ton of little competing services that would dictate how we access/send the messages, which competing mail services they're compatible with, and basically everything else, just like the norm in the blogging & social networking arenas. (Or incompatible pre-Internet networks like CompuServe & AOL, except those didn't sell our private data or plaster ads on the screen, and doubtless today's tech would.)

      --
      Now mostly at Usenet:comp.misc & SoylentNews.org (it's made of people!)
    3. Re:antiquated system by stenvar · · Score: 2

      Given that most large E-mail providers add massive amounts of privacy-invading info to E-mail headers (like the IP address where you wrote the message), I doubt the problem here is a limit on technology.

      For monetizing, though, there's a simple solution: sell whatever you come up with embedded in a piece of hardware. A self-maintaining "E-mail plug" you just connect to your home network lets you charge for the software as part of the hardware. Other companies have been doing that, for example the Tonido Plug and the PogoPlug.

    4. Re:antiquated system by Anonymous Coward · · Score: 5, Funny

      what protocol or protocol changes do you propose?

      In this day and age, isn't that obvious? We need to listen to what the majority of the computing public wants. It should be:

      * Proprietary, closely controlled by a single large company
      * All email must go through their servers.
      * Have unavoidable advertising added to all emails.
      * The protocol must be centralized rather than distributed
      * The possibility to run your own servers should be removed.
      * It should be limited to very short messages of no more than a few lines.
      * It should only be available on locked-down devices

      Most people have succeeded in getting some of those features by using gmail, but we're not all the way there yet, so there is still room for improvement.

    5. Re:antiquated system by AmiMoJo · · Score: 4, Interesting

      Mail clients died because webmail is more convenient for most people. I had been using mail clients since I first got online but then I went on holiday and decided to just use Gmail for three weeks. I realized it wasn't that bad and never bothered to go back to Thunderbird.

      --
      const int one = 65536; (Silvermoon, Texture.cs)
      SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
    6. Re:antiquated system by ancientt · · Score: 2

      I have talked about the same goal several times, but any new system must be backwards compatible because there are around 14 million (SWAG) businesses that rely on free SMTP.

      While you're chewing on that, Thunderbird is absolutely critical in that process. Most businesses don't want to think about email, calendaring, and shared address books but they get that with Exchange and Outlook. I've been interested in moving our company off of Exchange for some time but we're addicted to Outlook and need a simple to use replacement with the same features if we're going to stop using it. It's almost a chicken and egg problem, but just recently I have been getting close to a viable replacement on the client side with Thunderbird. As a bonus, it does digital signatures and encryption compatible with Outlook. The downside is the complexity of setup. Sure, I can set it up, but not the average user. I keep trying to find ways to make it easy though because if we can get off Outlook without much pain, we can get off Exchange later as well.

      I don't know the solution yet, but I imagine Mailpile (or roundcube or similar) is part of it. Another piece is going to have to be a ranking system. For the next ten to twenty years, people are going to require the ability to receive messages sent with unauthenticated SMTP, but if you build security ranking into email, you can begin to phase that out by having messages with a trust ranking system. Give +10% for digitally signed messages, +10% for encryption, +20% for a verified sender system, +20% for reputation, +20% for willingness to buy into a pay-per-message system and assign the remaining 20% on factors like how the local email client and associates have handled mail from that sender in the past. You can even make the percentages variable if you have sensible defaults because most people will never change the defaults.

      Sidenote, on the pay-per-message system, you pay 2 cents (or equivilant) per message sent outside your company and receive the same per message received on the same system. One of the historical problems that seemed insurmountable was the problem with the cost of microtransactions being too high. It costs around 30 cents to do an electronic transaction, so anything smaller costs more than it yields, but that's not the case anymore with something like bitcoin and you could do a twice daily cash-out with Coinbase to avoid the pain of volatility. For me that's been the single most important and too often overlooked appeal of crypto-currency. It allows for mico-transactions to be a commercially viable option. You could do it with fractional payments through a traditional bank as well, but none want to handle it when there is still income to be had by having eveyone use a system that pays them more.

      I don't really care if it is Thunderbird, Coinbase, Bitcoin and Mailpile, they're just examples of types that I'm using due to my own familiarity. Feel free to substitue alternatives for any of them if it makes more sense for implementation or discussion.

      --
      B) Eliminate all the stupid users. This is frowned upon by society.
    7. Re:antiquated system by drinkypoo · · Score: 4, Insightful

      No need to replace SMTP. Just add "more" stuff on to it. Not necessarily on top of other extensions, feel free to supersede them. But you need to support SMTP for the foreseeable future, and it's kind of nifty to have such a dirt-simple interface to mail for those cases in which it is useful, such as inside your organization for alerts and whatnot. I don't automate anything based on email these days, but it's still not useless.

      --
      "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
  2. Self Host with Roundcube by nullchar · · Score: 3, Informative

    Or you could run Roundcube on a host you trust. Setup Postfix to use TLS to send/receive mail from your trusted friends who also run their own email systems.

  3. More powe to them, but... by Kazoo+the+Clown · · Score: 4, Interesting

    There are a couple of tough problems to solve. One, defeating traffic analysis. Encryption is just a first step. Encrypting everything, no matter how trivial, will be important, and certainly helps, but it's not enough to keep listeners from knowing who is talking to who.

    Second, bringing the public at large into the fold. Noone will use an email system that can't be used to send email to all their friends and family, most of which aren't going to be switching anytime soon. One thing that might help is a system that automatically knows when the recipient is encryption-capable, encrypts when it is, but when it's not, inserts a warning message that their email is not secure and may be stored by third parties and governments-- essentially an advertisement for switching to a more secure email system. This would help us all educate our friends and keep them reminded every time they get an email from us as to the issues. It could help convince them that it's worth switching.

    1. Re:More powe to them, but... by cultiv8 · · Score: 2

      Um, I'll bite, it's on Github and licensed under AGPL.

      --
      sysadmins and parents of newborns get the same amount of sleep.
    2. Re:More powe to them, but... by AmiMoJo · · Score: 2

      Just attach your public key to every outgoing email, and then clients that support it can automatically collect and start using it.

      --
      const int one = 65536; (Silvermoon, Texture.cs)
      SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
  4. Not sure who the market is here? by beaverdownunder · · Score: 4, Interesting

    Given that the average e-mail user has already accepted that their communications aren't secure, I have a problem visualising how said average user can be convinced that a 'replacement' for traditional e-mail is any more secure than the existing offering, or if said security even matters.

    First, there's absolutely no way you can build trust. What are you going to do? Tell them it's secure because of X, Y or Z? The point here is that your average e-mail user doesn't understand encryption, PGP keys or any of that. It just translates as blah, blah, blah; give us your e-mail so we can snoop through it just the same as the other guys do. Oh? You can read the source code and confirm that it's all legit? The average user can't read source code! These claims are all worthless.

    Second, if there's already an acceptance that having your e-mail open for analysis somehow prevents your child from being blown-up at a bus stop, you're not going to be very fond of encouraging the adoption of a product that could aid terrorism, let alone use it yourself.

    So, if you can't build trust, and your potential user base can be put off your product by the spectre of terrorism, then what's your business model? If the user can't be convinced they'll have any more privacy without the expense of a potential surge in terrorism, there isn't one. You can only preach to a choir that would already be using PGP, etc. if they cared enough to do so.

    But you can't even get widespread adoption in the geeks! Most of us use cloud e-mail services, Facebook, etc. and just don't care enough, let alone would ever truly trust your product, regardless of how transparent you attempt to make it.

    tl;dr: there are better uses for the developers' time here than building a baseball field nobody will ever play on.

    1. Re:Not sure who the market is here? by bonniot · · Score: 4, Interesting

      You can read the source code and confirm that it's all legit? The average user can't read source code! These claims are all worthless.

      An answer to that is that even though only 0.1% of users can read source code, ...

      • - 5% know somebody who can read code;
      • - 30% know somebody who knows somebody who can read code;
      • - ...
      • - 100% know a newspaper who would publish the story if a single expert read the source code and discovered there is snooping hidden in it (by then a host of other experts can simply confirm this fact)

      Given this, it's quite likely that if an open source tool contains malicious code, and it is widely used, this will be revealed eventually. Of course there is no 100% guarantee. But this claim is far from worthless. You can have much higher confidence that an open-source tool does not have hidden snooping compared to closed-source, and this even if you can't or won't read the source code yourself.

      --
      Watch great movie opening scenes!
    2. Re:Not sure who the market is here? by mongrol · · Score: 4, Insightful

      I disagree that the normal user has accepted their email is not secure. I'm fairly certain that most normal user's have no idea that email is insecure.

  5. I note that antispam is "under development" by astralagos · · Score: 2

    I'll be deeply curious to see if they actually manage to produce a viable antispam solution. I find the thing that almost everyone walks past when talking about antispam is that it requires reading other people's mail. gmail takes advantage of economies of scale to notice that the same phrase is appearing repeatedly in multiple messages from different names, for example. Spammers are clever and will figure out ways past everything eventually, so I like to ask people if they're willing to trade infinite spam for total email privacy.

  6. Re:Who hosts? by AdamWill · · Score: 2

    "Self Hosted

    Mailpile is a modern web-mail you run on your own computer.

    You can host your install of mailpile on your laptop, desktop, Raspberry PI or a server in the cloud. Or put it on a USB stick and carry it in your pocket. It's your choice."

    From the front page of their site.