Email encryption has been around for a while, but virtually nobody uses it, because it’s quite complex to setup, and your recipients email clients, apps or browsers must also support encryption. Revolutek aims to simplify the setup and usage of encrypted email with their “Own-Mailbox” based on open source hardware and software technology.
The hardware solution could have been based on the Raspberry Pi board in theory, but the popular board requires a closed source binary to boot, documentation about part of the hardware is lacking, and once the enclosure, and required accessories are included the price would have been higher. So instead they decided to design their own hardware based on an Allwinner processor:
- SoC – Allwinner A13 Cortex A8 processor @ 1GHz
- System Memory – 256 MB RAM
- Storage – (micro?) SD card slot with 16GB card included
- Connectivity – 10/100M Ethernet (Lan9500A controller)
- USB – USB host port for storage, mini USB for power or to connect to computer.
- Dimensions – A least three times smaller in volume than most R-Pi cases.
The hardware has been designed with KiCad open source EDA software, and the latest hardware and mechanical files can be downloaded on their website under Cern Open Hardware License 1.2 (Schematics, PCB) and Creative Commons Non Commercial NoDerivatives 4.0 license (Casing).
The mini server will run Debian, receive security updates from the Debian repository automatically, and you can install any package you want as you’d do on any Ubuntu/Debian server. Most of the software running on the board is existing free software like a modified version of Roundcube webmail interface, Postfix email server, and OpenPGP for PGP (Pretty Good Privacy) email encryption.
One of the neat features of their solution is that you can either use a new email address, or your existing email address from Google Mail, Yahoo, Hotmail, and so on. If you use the latter, your emails will be unreadable from the default email interface, and all what the email providers will be able to see are encrypted email, so if they receive a government request to release data, or their servers are comprised, your data will still remain private. I’m not sure if that breaks any “User’s agreement” from the email providers however.
Another cool feature is that you’ll be able to send encrypted emails not only to PGP users, but also to any users around the world, thanks to Private Link Messages which include temporary HTTPS links send to your recipients where he/she/they can read the encrypted message after answering a security question, and reply on your Own-Mailbox. Not the most convenient, but still a useful workaround.
They’ve already released U-boot and Linux 4.0.3 source code on their Open Source page, and plan to release their other modifications once the project is complete.
Own-Mailbox project has been listed on Kickstarter for a few days, and so far they’ve raised 46,000 Euros out of their 95,000 Euros target. A 59 Euros pledge should get you a Own-Mailbox by June 2016, with Beta backers getting there’s in December 2015. Shipping is 6 Euros to France, an 12 to 14 Euros to the rest of the world.
Further details can also be found on own-mailbox.com.
Thanks to Nanik for the tip.
Jean-Luc started CNX Software in 2010 as a part-time endeavor, before quitting his job as a software engineering manager, and starting to write daily news, and reviews full time later in 2011.
Support CNX Software! Donate via cryptocurrencies, become a Patron on Patreon, or purchase goods on Amazon or Aliexpress
It is not cheap, and I wonder…
will they give back some money (and code, of course) to the many open source projects they are using to implement their Own-Mailbox??
(I will guess not…)
According to Kickstarter page: “We will then release all the code as Free Software.”
With all government spying, I like a personal mailserver. Just like a NAS as a personal cloud.
However, a personal SMTP-server also means taking care of difficult mail stuff: avoiding spam, avoiding mail relaying, avoiding getting blocked/blacklisted by your ISP or other mailservers. That is not easy at all.
If you use POP3 and/or a smart host for relaying, your mail can still be spied upon.
Above the Own-Mailbox: I like the casing, I don’t believe the encryption-via-a-URL will work for other users, and I find the price too high.
The acid test for the security of this device is whether or not it would be suitable for a Secretary of State to use as their own mail server at home.
Allwinner A13?! i wonder how much the chip cost now a days.
for an A13 device its expensive, outrageously so.
75EUR retail?!?!
You have to think that money will go to sw development which will be opensource.
But still the device itself is pretty expensive. Now that we have so many cheap devices.
minor corrections:
“but the popular board requires a binary to boot” -> but the popular board requires a closed source binary to boot
“kickstater” -> kickstarter
The campaign failed to raise $95,000 -> https://www.kickstarter.com/projects/1547898916/own-mailbox-the-first-100-confidential-mailbox/posts/1366437
They plan to launch another one in 4 to 5 months with improved features like anonymous email and Tor support (using their own proxy…)
https://www.own-mailbox.com/reloaded.html