MailPile: Secure FOSS Crowdfunded E-mail with Simple-to-use Encryption

[wraith808]

MailPile looks cool... in their words:

The State of E-mail

Mailpile is written by a small team of open source veterans and privacy advocates, based in Reykjavík, Iceland. We believe the world needs a better free software web-mail solution.

Edward Snowden's recent leaks were a wake-up call, confirming what many had long suspected, that the troves of e-mail stored on our behalf by Google, Microsoft and others are irresistable targets for those who would like to invade our privacy, be they criminals or overzealous government organizations like the NSA.
These companies base their businesses on controlling our data and communications and are never going to do the one thing that would protect our mail from the snoops: encrypt it. So, if we want to take control of our e-mail, if we want privacy and encryption, we have to do it ourselves.

Mailpile is free software, a web-mail program that you run on your own computer, so your data stays under your control. Because it is free software (a.k.a. open source), you can look under the hood and see how it works, or even modify it to make it better suit your particular needs. Mailpile is designed for speed and vast amounts of e-mail, it is flexible and themeable and has support for strong encryption built in from the very start.

We need your help to make it a reality!

They're running funding on IndieGoGo, and have the project already up on GitHub.

In a twist, Paypal is acting like jerks again towards them:

The other week we covered the crowdfunded initiative out of Iceland, MailPile, which seeks to provide easy to use secure email in response to the revealed NSA programs. They've raised $135,000 out of their $100,000 goal, and theres 6 more days for more wallets to get involved.

Well, sorta. PayPal has frozen their account, so $45,000 of the $135,000 they've raised so far is in a state of limbo. According to designer and front-end developer Brennan Novak on the company's blog, PayPal is reserving the right to hold onto the money unless they come up with a budgetary breakdown of how they plan to use the donations.

This puts the company in an uncomfortable position, because it's a strange request from the payment provider.

A payment provider policing business plans?  That's just... wrong.  Apparently, they figured that out (or it was pressure)

We have reached out to @MailPile and the limitation has been lifted. Supporting crowd funding campaigns is an exciting new part of our business. We are working closely with industry-leaders like IndieGoGo and adapting our processes and policies to better serve the innovative companies that are relying on PayPal and crowd funding campaigns to grow their businesses. We never want to get in the way of innovation, but as a global payments company we must ensure the payments flowing through our system around the world are in compliance with laws and regulations. We understand that the way in which we are complying to these rules can be frustrating in some cases and we've made significant changes in North America to adapt to the unique needs of crowd funding campaigns. We are currently working to roll these improvements out around the world.

I really hope this works out...

[Vurbal]

Apparently, they figured that out (or it was pressure)

-wraith808 (September 05, 2013, 06:34 PM)

I think we know which one it was.

[Renegade]

Apparently, they figured that out (or it was pressure)

-wraith808 (September 05, 2013, 06:34 PM)

I think we know which one it was.

-Vurbal (September 05, 2013, 07:16 PM)

Yep.

And I know understand why researchers in Korea developed ARIA. Or I'm guessing... God only knows anymore.

I really hope this works out...

-wraith808 (September 05, 2013, 06:34 PM)

Not if PayPal and its masters have anything to say about it.

We have reached out to @MailPile and the limitation has been lifted. Supporting crowd funding campaigns is an exciting new part of our business. We are working closely with industry-leaders like IndieGoGo and adapting our processes and policies to better serve the innovative companies that are relying on PayPal and crowd funding campaigns to grow their businesses. We never want to get in the way of innovation, but as a global payments company we must ensure the payments flowing through our system around the world are in compliance with laws and regulations. We understand that the way in which we are complying to these rules can be frustrating in some cases and we've made significant changes in North America to adapt to the unique needs of crowd funding campaigns. We are currently working to roll these improvements out around the world.

No, that's just you trying to dictate what people can spend THEIR money on and HOW they do it.

Sigh... breathe... 1, 2, 3, 4, 5, 6, 7, 8, 9, 10...

Ok...

Now, does anyone have any more questions about why Bitcoin is good idea?

As for the actual service/product - looks interesting. It seems that there are more like this popping up. But "email"? Man... I'm so sick of email. It's just so broken. I really think we need to scrap it and just start over with something new. A simple communications platform for letters, short messages, attachments, audio, video, audio/video/rich media messages, etc. People keep dumping resources into a broken platform.

Is your face bloody?
Yep.
Well, keep banging it against the wall and maybe the pressure will stop the bleeding.

 

[Renegade]

Techdirt mentions another one here:

http://www.techdirt....ernet-services.shtml

MailElf.

[wraith808]

As for the actual service/product - looks interesting. It seems that there are more like this popping up. But "email"? Man... I'm so sick of email. It's just so broken. I really think we need to scrap it and just start over with something new. A simple communications platform for letters, short messages, attachments, audio, video, audio/video/rich media messages, etc. People keep dumping resources into a broken platform.

-Renegade (September 05, 2013, 11:45 PM)

The thing about it is that I think that most people would agree that e-mail is broken.  There currently isn't a viable solution to the problem itself, so in the meantime, do you ignore that there is a problem until something else comes along?  Or do you work within the constraints of what exists in order to hopefully make it a little bit better until the time that the next innovation happens?

[Renegade]

The thing about it is that I think that most people would agree that e-mail is broken.  There currently isn't a viable solution to the problem itself, so in the meantime, do you ignore that there is a problem until something else comes along?  Or do you work within the constraints of what exists in order to hopefully make it a little bit better until the time that the next innovation happens?

-wraith808 (September 08, 2013, 11:35 PM)

Yeah... I know... I bitch about email quite a bit.

We've pretty much got everything we need to cobble together a better standard though. We know the issues and know the solutions. We just haven't assembled together the right combination yet.

What's happening in crypto currencies right now is really cool stuff. They've solved a huge number of really interesting problems, and have a massive arsenal of techniques that could be used. Bitmessage is along those lines right now. I tried to get some people to use it with me, but... sigh... can't manage to get anyone there.

I'm using Jitsi to talk with a close friend now. We generally start on Skype then move to Jitsi. XMPP/SIP/Jitsi doesn't quite seem prime time yet, but it's getting there. It's not an email replacement though.

[Target]

As for the actual service/product - looks interesting. It seems that there are more like this popping up. But "email"? Man... I'm so sick of email. It's just so broken. I really think we need to scrap it and just start over with something new. A simple communications platform for letters, short messages, attachments, audio, video, audio/video/rich media messages, etc. People keep dumping resources into a broken platform.

-Renegade (September 05, 2013, 11:45 PM)

but do we really need it?  there must thousands of newer, more exciting and innovative social mediums to develop and exploit before we even need to consider such a thing

[Renegade]

As for the actual service/product - looks interesting. It seems that there are more like this popping up. But "email"? Man... I'm so sick of email. It's just so broken. I really think we need to scrap it and just start over with something new. A simple communications platform for letters, short messages, attachments, audio, video, audio/video/rich media messages, etc. People keep dumping resources into a broken platform.

-Renegade (September 05, 2013, 11:45 PM)

but do we really need it?  there must thousands of newer, more exciting and innovative social mediums to develop and exploit before we even need to consider such a thing

-Target (September 09, 2013, 05:37 PM)

Yes. We do need it. But I'm not aware of anything that is "prime time" ready to use.

[Target]

Yes. We do need it. But I'm not aware of anything that is "prime time" ready to use.

-Renegade (September 09, 2013, 10:58 PM)

I must be slipping - it would seem you missed the sarcasm in my reply

[Renegade]

Yes. We do need it. But I'm not aware of anything that is "prime time" ready to use.

-Renegade (September 09, 2013, 10:58 PM)

I must be slipping - it would seem you missed the sarcasm in my reply

-Target (September 09, 2013, 11:11 PM)

Blah. Sorry. I think that's my lack of caffination at the moment. Need another jolt me thinks.

[Vurbal]

I'm really not that interested in improving email at this point. It's essentially a walking dead technology already and for good reason. Email is, and always will be, the electronic equivalent of intra office memos. It's simply not an appropriate model for people's modern day needs.

I don't know what the solution will look like but I am convinced it will be peer to peer rather than server-client oriented. The bigger question is how to build a distributed but still user friendly security model. That probably starts with some combination of hardware and software/firmware which doesn't exist just yet but is likely just over the horizon.

[Renegade]

I'm really not that interested in improving email at this point. It's essentially a walking dead technology already and for good reason. Email is, and always will be, the electronic equivalent of intra office memos. It's simply not an appropriate model for people's modern day needs.

I don't know what the solution will look like but I am convinced it will be peer to peer rather than server-client oriented. The bigger question is how to build a distributed but still user friendly security model. That probably starts with some combination of hardware and software/firmware which doesn't exist just yet but is likely just over the horizon.

-Vurbal (September 10, 2013, 09:35 AM)

Have you looked at Bitmessage? It has some interesting things going on, and is P2P.

One downside of P2P is that you have increased bandwidth and storage costs. For messaging with attachments, I think the Bitmessage model is a no-go. Unless message size bears a significant cost, size will be a major issue.

[40hz]

It's all cool.

But until we get to the bottom of identifying possible and likely holes, errors, and other tampering by the NSA and their cohorts to weaken but not completely break the standards, protocols, and algorithms we currently rely on, we're still building on sand. Because right now it's looking like IPsec, SSL, and certain forms of encryption have all been tampered with in this manner.

At this point, I think the only valid indication of genuine signal security would be to see how quickly the technology behind it got outlawed by government.

Single use cypher pads and flash paper anyone?