Own-Mailbox, the first 100% confidential mailbox

529 points by yannski, nearly 10 years ago

49 comments

pjc50, nearly 10 years ago
It used to be possible to run your own SMTP server, inbound and outbound, from home. This was so badly abused by spam that port 25 is blocked almost everywhere.

Domestic systems tend to be in configurations that make it hard to accept inbound TCP connections. You could serve SSL on a random port and open a port using UPNP, and it will work *most* of the time.

It's a difficult circle to square. The most trustworthy system is one you administer yourself and manually inspect all updates, but in practice the amount of work required makes that almost impossible. If you allow the OEM to do updates they can compromise you. If you don't do updates you end up vulnerable to exploits.

The "send a reference to the message not the message" technique was part of DJB's "internet mail 2000" proposal: https://en.wikipedia.org/wiki/Internet_Mail_2000

radiospiel, nearly 10 years ago
This looks very similar to what we built one year ago at https://kinko.me. And then we even managed to solve most of the problems outlined in the comments here (Port 25 blocked, etc.) But our crowdfunding campaign failed, and I have seen other campaigns with similar topics and target audiences fail since.

Consequently I doubt that a relevant audience for that type of device really exists -- even though I wished own-mailbox would succeed.

tptacek, nearly 10 years ago
How does transmitting an HTTPS link solve email encryption for people who don't have PGP? The link is sent plaintext. Does the system require users to register out-of-band somehow? That's how corporate email "encryption" systems work (the "send an HTTPS link" approach is popular with financial firms).

The underlying approach this system uses --- webmail, but on a special purpose box the user owns --- is actually sound. It seems like a pretty good refinement of Mailpile.

On the other hand, they should tone the rhetoric down. I winced at "100% secure".

_asciiker_, nearly 10 years ago
The reason for SMTP servers being better off in a proper data-center is not really due to port 25 being blocked at home, it's the entire infrastructure that assures reliability, so if your power goes out or your home router decides to die or your ISP is having issues, etc, you would start losing emails right away.

EDIT: I understand SMTPs are resilient but it also depends on the type of error they get back, even then it can't be expected that all servers keep retrying for long periods of time or even handle triple bounces. So you 'could' start losing emails right away, is a better way of saying it.

pppp, nearly 10 years ago
Many ISPs, including my own in the U.S., don't allow running servers from home, especially SMTP.

lisper, nearly 10 years ago
SC4 is in-browser encryption that works with your current email account:

https://github.com/Spark-Innovations/SC4

It's open-source and audited. Based on TweetNaCl. Feedback very much appreciated.

nadams, nearly 10 years ago
A couple of problems as noted already that will make this a show stopper:

> Port 25 is blocked inbound on most residential accounts - preventing you from receiving email

> Many SMTP servers are configured to automatically bounce email from residential IPs - so sending would be a problem

The point of GPG is to make sure that the only person that can read the message is the one you sent it to. Having an HTTPS site doesn't prevent the random person from viewing the link and doesn't verify the user. Now - this might be interesting if the web app that shows the email has a GPG library in JavaScript requiring the user to have GPG keys.

I think a better scenario is if keys haven't been exchanged - to send an email with "Alice would like to communicate over secure email - please download and generate a set of keys" with instructions on what to do. But I have no idea how not to make it look spammy.

This is just hilarious:

> Why shouldn't I trust and use any cloud email service with JavaScript client-side encryption?

> Encryption is done in JavaScript, and therefore relies on browser's JavaScript engines, which 80% of the time [1] are proprietary software coming from Google, Microsoft, and Apple, most eminent NSA collaborators.

The author does know that Chrome is open source, right (well I guess technically Chromium but I hope it's based on the same code)?

> Why not use a raspberry Pi?

> Mainly because it cannot be trusted enough for this kind of application. [...] The Raspberry pi is provided with non-free software and the hardware needs non-free driver to work.

I've used Debian Linux on it before and didn't need to install third party drivers?

phaer, nearly 10 years ago
* Reliability of one's Internet connection should not be much of an issue, because SMTP servers should retry to deliver a mail for several hours/days. Otherwise a secondary MX could be used as a backup for mails in transit.

* Policies of one's ISP are often a problem for something like this, you likely need a "business connection" for something like this.

* Dynamic DNS could be used for receiving, but you won't have much success in sending mails unless you have reverse DNS working and that requires a static IP as far as I know. Most users will only get a static IP for "business connections".

* I'd be really interested how they combine their usage of GPG with multiple clients. Is there some sort of key management included? How does it work with Webmail/Roundcube? Is the same key used for desktop and mobile phones?
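
An added example (not part of the thread or of the Own-Mailbox project): the reverse-DNS requirement phaer mentions is commonly checked by receiving servers as forward-confirmed reverse DNS, where the sender's PTR name must resolve back to the same address. The function names and the sample records below are constructed for illustration.

```python
import ipaddress
import socket


def ptr_lookup(ip):
    """PTR names for ip via the system resolver (empty list if none)."""
    try:
        name, aliases, _ = socket.gethostbyaddr(ip)
    except (socket.herror, socket.gaierror):
        return []
    return [name, *aliases]


def addr_lookup(host):
    """Addresses (A/AAAA) that host resolves to, as strings."""
    try:
        return {info[4][0] for info in socket.getaddrinfo(host, None)}
    except socket.gaierror:
        return set()


def fcrdns(ip, ptr=ptr_lookup, fwd=addr_lookup):
    """Classify ip as 'confirmed', 'mismatch' or 'no-ptr'.

    confirmed: a PTR name exists and resolves back to the same address.
    mismatch:  a PTR name exists but none of its addresses is ip.
    no-ptr:    no reverse record at all.
    """
    target = ipaddress.ip_address(ip)
    names = [n.rstrip(".").lower() for n in ptr(ip)]
    if not names:
        return ("no-ptr", None)
    for name in names:
        if target in {ipaddress.ip_address(a) for a in fwd(name)}:
            return ("confirmed", name)
    return ("mismatch", names[0])


# Constructed sample zone data (documentation address ranges and example
# domains), so the check can be exercised offline.
SAMPLE_PTR = {
    "192.0.2.10": ["mail.example.net."],
    "198.51.100.7": ["host-7.dyn.example.org."],
}
SAMPLE_FWD = {
    "mail.example.net": {"192.0.2.10"},
    "host-7.dyn.example.org": {"198.51.100.99"},
}


def check_sample(ip):
    """Run fcrdns against the constructed tables instead of live DNS."""
    return fcrdns(ip, lambda i: SAMPLE_PTR.get(i, []),
                  lambda h: SAMPLE_FWD.get(h, set()))
```

Calling `fcrdns()` with only an address uses the system resolver, which lets an operator test their own sending IP before pointing mail at it.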

dlapiduz, nearly 10 years ago
It would make sense to add HTTPS to your website if you are promoting security and privacy....

skrowl, nearly 10 years ago
This sounds pretty neat, until it breaks and you lose all of your email because it has no offsite backup.

h4waii, nearly 10 years ago
While I understand the team behind this is French, the broken English and bad capitalization are haunting.

"rasberry Pi"

"Plug at your home"

"Through a webmail"

"Plug it in mini-usb to your computer"

"Will I get a root access"

Why not have somebody with English as their first language give it a look before making it public?

darkhorn, nearly 10 years ago
What if the device is confiscated by police? At least Gmail doesn't give your data to non-USA countries when you swear to your government.

dfar1, nearly 10 years ago
Its main feature is security, which is great for paranoid people. But what happens when you are miles away from home and your internet connection to the server goes down? How are you going to check your e-mail?

zekevermillion, nearly 10 years ago
If you're concerned about privacy, it seems the best method is still to cut-and-paste encrypted envelope into regular mail client to avoid possible vulnerabilities, both physical and software. The obvious problem with a self-hosted server that you order from a company is that it can be intercepted or otherwise compromised before it arrives at your home. Thus it is potentially even more vulnerable than just pasting GPG encrypted message directly into gmail client.

antrover, nearly 10 years ago
100% confidential? Nothing is 100% confidential if it's connected to the Internet.

junto, nearly 10 years ago
> What about SSL certificates and authorities for HTTPS?

> Each Own-Mailbox will generate automatically its SSL key at first setup, and send to us the public part.

> Letsencrypt Certification Authority will be used , it is free and very easy to setup, and it will be handled automatically by your Own-Mailbox. Every Own-Mailbox will automatically ask for certification for its key indepently from us.

Interesting idea.

amelius, nearly 10 years ago
Are we going to buy physical devices now, for all the things we used to do in pure software? How many devices will we end up with?

padm, nearly 10 years ago
Regarding hardware-assisted self hosting, there is http://internetcu.be which, among other things, does email (and bypasses ISPs restrictions by bundling the "box" with a VPN and providing static IPv4 and 6 addresses to each user).

It's some sort of "freedombox" [0] come true. It works out of the box, in a plug and play fashion (and it's based on free hardware [1] and free software [2]).

[0] https://en.wikipedia.org/wiki/FreedomBox

[1] https://www.olimex.com/Products/OLinuXino/A20/A20-OLinuXino-LIME/open-source-hardware

[2] Debian, https://yunohost.org ,...

Tloewald, nearly 10 years ago
The funny thing that most people who obsess over encryption forget is that using tough encryption attracts attention, and all the encryption in the world won't save you from simple workarounds (https://xkcd.com/538/) and ordinary surveillance.

The solution for all of us is to make ordinary communication more expensive to break into rather than to go out on a limb with attention-getting extraordinary measures.

I'd also have to say -- no offense intended -- that what I take to be a central European accented voice-over advocating using a new security product to avoid NSA surveillance doesn't fill me with confidence. I'm pretty sure the NSA is at least well-intentioned.

I'd suggest your best pitch accent would be Scandinavian or perhaps Australian (not that the Australian government isn't horrible, but it's pretty harmless).

biturd, nearly 10 years ago
How are they going to receive mail? All blocks of IPs from any provider are blocked, usually huge blocks, larger than /24 often. No one is getting to any Comcast users; they, as do many others, publish lists of their IP ranges so you can block them in your server or use an RBL.

kolme, nearly 10 years ago
I thought Posteo [1] is already 100% confidential? Please someone correct me if I'm wrong.

https://posteo.de/en/site/privacy_policy

chinathrow, nearly 10 years ago
I see a small market for this: bundled with verifiable co-location space.

At home, it's simply not going to work unless they also offer a VPN service for the ports in use. SMTP on an eyeball provider IP is simply dead these days.

tiatia, nearly 10 years ago
Wow. I suggested this once (maybe even on HN):

Meta-data are also problematic. We are working on a solution for that, but it won't be included directly in our first version.

It will probably come for free with updates. Our idea is that for every email you send, your box randomly sends ten encrypted fake-emails, at random moments, at ten random addresses. Recipients server automatically sees that it is a fake email when it decrypts it, and automatically drops it.

tinco, nearly 10 years ago
I've been working on this exact idea on and off for almost a year now. Very cool to see someone else working on it, they've some nice solutions for hard problems too.

I don't really like the choice for RoundCube, but without decent funding or a couple of expert web developers they'll be hard pressed to build something better.

Also nice to hear they're also from Europe, it goes to show the U.S. surveillance worries are very much alive here.

tarikjn, nearly 10 years ago
This only addresses the issue of government surveillance of email through service provider backdoors. Since this would as well require auto software update to be as user friendly as the video advertises, you might as well give up the same amount of security for a service that is hosted in a liberty-friendly nation and not have to deal with SMTP flagging and home power issues.

someITguyWI, nearly 10 years ago
I run my own mail server even though my ISP blocks port 25 OUTBOUND. I use DynDNS's Mail relay service. Only costs about $20/yr. I never have a problem being flagged as spam or anything else. I can receive mail on port 25 INBOUND with no issues. I set my MX RR to my home IP and add a secondary to a dynamic address, also through DynDNS. Works great!

Tepix, nearly 10 years ago
If you want to set up something like this on your own hardware (not just email, also owncloud, jabber, etc), check out sovereign https://github.com/sovereign/sovereign

fallat, nearly 10 years ago
I, like everyone else in this thread, wanted to run an SMTP server from home, only to realize port 25 was blocked.

Now I rent a VPS from DigitalOcean, and availability is like 99.999% and run SMTP and other daemons no problem. I love it.

So go out there and find some cheap VPSs, people! :)

mdevere, nearly 10 years ago
Newsletter subscription not working: "conection à la base de donnée impossible"

vetras, nearly 10 years ago
I don't see anybody mentioning this anywhere. Why isn't there a wi-fi connection option?

I'm aware of the security issues with low or none wifi secure networks, but most folks (myself included) never have a cable around.

z3t4, nearly 10 years ago
The S in SMTP is a bit ironic. It's very hard to run SMTP nowadays.

xyclos, nearly 10 years ago
This looks like a great project. One thing I noticed about the website: There doesn't seem to be a way to dismiss the video overlay. I had to refresh the page.

lsiebert, nearly 10 years ago
I want to know if the code will be available for auditing.

Also, if these devices can be blocked by spam blocklists, then there should be some way to use a vpn to handle this.

sp332, nearly 10 years ago
How do you deal with key management? Specifically, what do you do if someone doesn't remember their passphrase or loses their private key entirely?

nblavoie, nearly 10 years ago
Getting the error "conection à la base de donnée impossible" which is misspelled. Connection should be written "connexion".

fgtx, nearly 10 years ago
I'm getting the error message "conection à la base de donnée impossible" when I try to subscribe to your page.

rbcgerard, nearly 10 years ago
Literally no one I know uses public key encryption - so now everyone needs to click on a link to read an email from me? Don't get me wrong, I think this is a cool idea, but it still doesn't address the core problem with all of the encrypted email services/clients/etc., user adoption...

jagermo, nearly 10 years ago
Good luck. Kinko.me tried the same approach and sadly, there wasn't enough interest to fund it.

based2, nearly 10 years ago
src: https://linuxfr.org/news/own-mailbox-la-boite-mail-confidentielle-qui-vous-appartient-vraiment

tertius, nearly 10 years ago
Can we stop saying "from anywhere in the world." It's not 1994 anymore.

kpcyrd, nearly 10 years ago
> The Own-Mailbox sends a HTTPS link to your correspondent, so that he can access the message in encrypted form. He can answer you using HTTPS protection.

So anybody who can read the unencrypted mail containing the link can access and read the real mail?

bechampion, nearly 10 years ago
Now I will keep hearing that music when I write emails.

brian_smith, nearly 10 years ago
This seems a lot like Looking Glass just without Tor.

exadeci, nearly 10 years ago
"You've allready Subscribed"

You might want to fix that

wgx, nearly 10 years ago
The newsletter signup form is broken :(

OceanPowers, nearly 10 years ago
A networked computer can never be confidential. Period. Full stop.

silverdream, nearly 10 years ago
No thanks...

hiimnate, nearly 10 years ago
> USB

Absolutely useless

itistoday2, nearly 10 years ago
Anything relying on HTTPS is not "100% confidential".