We are Hiring!
Posted by Bjarni Rúnar on January 22, 2018
We have secured funding, hired Oktavía to manage things and posted ads for the first positions we would like to fill: Windows and Mac OS developers.
Please spread the word!
Containing the Spectre
Posted by Bjarni Rúnar on January 7, 2018
The year 2018 started with a bit of a bang, for those of us who are concerned with computer and Internet security. By now you have probably heard of the Spectre and Meltdown attacks. These security holes are big news, because they represent a new class of security vulnerability - and almost everybody is potentially vulnerable. The industry is still working through the implications.
Quoting the official site:
Meltdown and Spectre exploit critical vulnerabilities in modern processors. These hardware vulnerabilities allow programs to steal data which is currently processed on the computer. While programs are typically not permitted to read data from other programs, a malicious program can exploit Meltdown and Spectre to get hold of secrets stored in the memory of other running programs.
And quoting Bruce Schneier:
... there's no patch for Spectre; the microprocessors have to be redesigned to prevent the attack, and that will take years. [...] This is bad, but expect it more and more. Several trends are converging in a way that makes our current system of patching security vulnerabilities harder to implement.
So that's the bad news. Is there any good news?
Well, all is not lost: Spectre, Meltdown and similar as-yet-undiscovered CPU bugs are only a problem when a malicious person can run code on a computer you rely on. This happens more than you might think, but this limitation does tell us how we can protect ourselves today, tomorrow and next week.
The most important advice is standard. You've heard it before, but it bears repeating: prompty install any available updates to your browser and operating system, and avoid installing software (including mobile apps) from untrusted sources. Let the professionals help you.
Finally, if you really want to defend against Meltdown, Spectre and whatever the next big bug will be: Avoid shared hardware.
That means avoid VPS servers. Avoid cloud services. If privacy and confidentiality of your data matters to you, you may want to keep it on hardware directly under your control (and make sure you have good backups).
It so happens that this is Mailpile's driving philosophy.
We want to empower everyone, not just techies, to store their e-mail on devices under their control. This is very difficult today. Our primary goal is, and always has been, to make it much easier. For everyone.
If you would rather support something more immediately related to the problem at hand, the NoScript team also accepts donations. They are absolutely worth supporting.
Thanks, and stay safe!
Holiday Season Updates
Posted by Bjarni Rúnar on December 12, 2017
Happy holidays, dear readers!
It's been way too long since I updated this blog. Way too long!
Back in August, the plan was to quickly post job ads and start looking for people to hire for our next stages of work - building minimal Windows and Mac GUIs, and installers.
That timeline didn't quite pan out, mostly because I was distracted by other work. My other job needed my attention, then the Icelandic government collapsed, so I volunteered some of my time to help the Icelandic Pirates campaign. I also moved back to Italy from Iceland, which always slows me down for a while.
But enough excuses already!
After some intensive introspection and deep analysis of the Mailpile project's structure and history, we have identified our biggest problem: I am a bottleneck. OK, I made that up. We didn't perform any analysis, it's been obvious for a while that this is a problem. However, empowered by Bitcoin's latest shenanigans, we have finally done something about it.
We've hired a project manager!
The talented Oktavía Hrund has been hired to make sure things get done in spite of me. She has a contract in hand, a budget to work with and Mailpile installed on her laptop... she's here to kick ass and chew bubblegum.
We have changed ownership!
Another recent development, is Mailpile ehf, the Icelandic company founded around the project has changed ownership. Mailpile ehf used to be fully owned by the original project founders: Smári McCarthy, Brennan Novak and myself. Since then, Brennan has moved on to other things. Recently he sold his shares to Daniel Yeow. Daniel should be a a familiar face to the the speed skaters amongst you (I hear Mailpile is huge in the speed skating community... huge!), but he has also been helping out with coordination of our Transifex community while researching whether it is possible to use Raspberry-Pi-like devices to make a Mailpile hardware product.
You made this happen!
Your encouragement, your belief in our vision and your gracious donations (including Bitcoin donations) are what makes Mailpile possible. Bitcoin prices have risen dramatically, so much so that we now have enough magical Internet money to fund another round or two of work after this one - assuming Bitcoin doesn't collapse completely in the meantime! So thank you again for your trust and donations. They have given us the motivation and courage we need to keep going and make Mailpile available, easy and accessible to you all! We may be late, but never isn't an option.
That's the news for now.
I'm sure Okta will make me blog again soon. Until then, I hope you enjoy Santaseason, spend some quality time with your loved ones and enter the Gregorian Calendar New Year full of joy and optimism...
Still Hacking Anyway
Posted by Bjarni Rúnar on August 13, 2017
Last weekend, I happily attended the Dutch SHA2017 Hacker Camp. I slept in a tent, gave a talk about Mailpile and had too much beer and almost enough interesting conversations.
The advertised title of my talk was "Four years later", because Mailpile itself was launched at the last Dutch hacker camp: OHM in 2013. So I talked about what Mailpile is, what has happened during the last four years and finally I announced our first 1.0 release candiate!
However, I sneakily changed the title to Still Hacking Anyway, because I just liked that better.
Thanks to the Chaos Computer Club media project, you can watch the talk here:
After the talk I gave away a bunch of Mailpile t-shirts and stickers, but mostly relaxed and enjoyed being surrounded by interesting hacktivists at the camp. It was a wonderful event and the organizers and volunteers all did a fantastic job.
The talk ended with a call for help; funnily enough, I'm roughly on schedule and would like to hire a couple of developers to help me complete the Plan for 2017. I will post more details about the positions later this month: if you know Windows or Mac desktop developers that are looking for 3-4 months of contract work, watch this space - or just get in touch!
A correction: I am aware of one factual error in my talk: I said that GnuPG 2.1 was moving towards making TOFU the default trust model. This is incorrect. My apologies!
- SHA2017, Here We Come!
- A Plan for 2017
- Too Cool for PGP
- Protecting Your Local Data
- Search as a Core Feature
- Rebooting the Mailpile Development Process
- Delegate, Automate, Collaborate, Pirate
- Python SSL Woes
- Status Update and PyCon SK report
- Happy Frozen New Year!
- Merry Christmas, Hello 32c3!
- Why so quiet?
- UI Updates, OTF news
- Fall FAQs
- PyCon UK and Mailpile Mel
- Goals and Releases
- Quiet days; new people
- Thank you!
- On Crowdfunding and Burnout
- Github Issue Cleanup Frenzy
- Vacation over; Back to work!
- Mailpile Beta III: WYSIWYG
- Beta III preparations
- License: The Python's Tongue
- Fast Startup and Key Discovery
- The DCSS Conference in Cardiff
- Licensing: Your Feedback So Far
- Multiple PGP Key Support!
- Roadmap Reality Check
- An AMA with the Localization Lab
- Digging for Data
- Site updates and community roadmap launched
- Choosing a License for Mailpile 1.0
- Last week: code pushed, Cloudfleet, key discovery
- A Roadmap to Version 1.0
- Last week: Roadmap, Memory Hole, refactoring
- The First OpenPGP E-mail Summit
- Back to Work!
- Beta Rejected!
- More thoughts on working with GnuPG
- Mailpile Beta II - the 4096 bit release
- To PGP/MIME or not to PGP/MIME
- Some thoughts on working with GnuPG
- One Year Later: Mailpile Beta
- Our Upcoming Beta Release: Part II
- Our Upcoming Beta Release
- Mailpile Alpha II - The Dogfood Edition
- Where is the Community Site?
- Mailpile Workshop in London
- Development, Perks, and Alpha (IGG Update #8)
- Alpha Release: Shipping Bits and Atoms
- A Plan For Spam ... and Bacon!
- A Pound of Security
- Speaking Your Language
- Perks? What perks? (IGG Update #7)
- DarkMail and Secure Protocols
- The Month of Dog Fooding
- Thank you! (IGG Update #6)
- A Rough Budget and Alpha Roadmap
- Surveillance And Centralization (video)
- The Home Stretch (IGG Update #5)
- PayPal News (IGG Update #4)
- PayPal Freezes Campaign Funds
- PayPal News (IGG Update #3)
- Fonts and Copyright Licenses
- We are funded! (IGG update #2)
- Turning Money Into Code
- Digging Through the Details
- Our first week (IGG update #1)
- Designing Security (video)
- Mailpile Launched
Don't panic: Our website is temporarily unavailable as we migrate to a beefier VPS.
Its Friday afternoon in some parts of the world - your inbox is hassling you & you drift off to better future where you have an email client that is a search engine & a personal webmail server that has email encryption built in!
Help us build that future! http://mailpile.is/jobs
@MailpileTeam, Fri, 09 Feb 2018 15:43
Iiiitttt´ssss "Hump Day" everybody!
Did you know that Mailpile is still looking for developers? we would luurv to get Mailpile out to as many as possible, make it accessible for most! Join us to package for Windows and MacOS! http://mailpile.is/jobs
@MailpileTeam, Wed, 07 Feb 2018 15:46
Hey developers! We are still looking for you <3 so much so that we have extended our deadline for MacOS and Windows developers to Feb. 14th <3 <3
Ping us for questions - more info here: http://mailpile.is/jobs
@MailpileTeam, Thu, 01 Feb 2018 12:00
The Mailpile Team is back after being dormant for a while and we are looking for developers to help us Mailpile out for more people to use! Check out http://mailpile.is/jobs for details
@MailpileTeam, Mon, 29 Jan 2018 09:57
We are hiring!
We are looking for Windows and Mac OS developers to help us get Mailpile 1.0 in the hands of as many people as possible.