Hi, I’m Ivan and I am developing Tutanota to help build the web of the future where our right to privacy is being respected. I believe that privacy should not be a luxury for the rich and tech-savvy, it should be a basic human right.#mail #email #e-mail #tuta #tutanota #internet #www #privacy #security #mail client #android #droid #f-droid #app #crypto #encrypted #gpl #opensource #germany #deutschland
GCM (or, how it’s called now, FCM, Firebase Cloud Messaging) is a service owned by Google. We at Tutanota used FCM for our old Android app. Unfortunately, FCM includes Google’s tracking code for analytics purposes, which we didn’t want to use. And, even more important: For being able to use FCM, you have to send all your notification data to Google. You also have to use their proprietary libraries. Because of the privacy and security concerns that naturally go along with this, we did not send any info in the notification messages with the old app (which, understandably, led to complaints by our users). Therefore, the push notification in the old app only mentioned that you received a new message without any reference to the email itself or to the mailbox the message has been placed in.
FCM is quite convenient to use, over the years Google made changes to Android which made it harder not to use their service for notifications. On the other hand, giving up Google’s notification service would free us from requiring our users to have Google Play Services on their phones.
The challenge to replace Google’s FCM
The Tutanota apps are Libre software, and we wanted to publish our Android app on F-Droid. We wanted our users to be able to use Tutanota on every ROM and every device, without the control of a third-party like Google. We decided to take on the challenge and to build our own push notification service.
When we started designing our push system, we had several goals in mind: • it must be secure • it must be fast • it must be power-efficient
We’ve made a research on how others (Signal, Wire, Conversations, Riot, Facebook, Mastodon) have been solving similar problems. We had several options in mind, including WebSockets, MQTT, Server Sent Events and HTTP/2 Server Push.
Replaced FCM with SSE
We settled on the SSE (Server Sent Events) because it seemed like a simple solution. By that I mean “easy to implement, easy to debug”. Debugging these types of things can be a major headache so one should not underestimate this factor. Another argument in favour of SSE was relative power efficiency: We didn’t need upstream messages and a constant connection was not our goal.
So, what is SSE?
SSE is a web API which allows a server to send events to the connected clients. It is a relatively old API which is, in my opinion, underused. I’ve never heard about SSE before looking at the federated network Mastodon: They use SSE for real-time timeline updates, and it is working great.
The protocol itself is very simple and resembles good old polling: The client opens a connection, and the server keeps it open. The difference from classical polling is that we keep this connection open for multiple events. The server can send events and data messages; they are just separated by new lines. So the only thing the client needs to do is to open a connection with big timeout and read the stream in a loop.
SSE fits our needs better than WebSocket would (it is cheaper and converges faster, because it’s not duplex). We’ve seen multiple chat apps trying using WebSocket for push notifications and it didn’t seem power efficient.
We had some experience with WebSocket already, and we knew that firewalls don’t like keepalive connections. To solve this, we used the same workaround for SSE as we did for WebSocket: We send “heartbeat” empty messages every few minutes. We made this interval adjustable from the server side and randomised to not overwhelm the server.
Multi-account support poses extra challenges
It should be noted that the Tutanota app has multi-account support, and this posed a challenge for us: We wanted to keep only one connection open per device. After a few iterations, we’ve found the design that satisfied us. Each device has only one identifier. When opening the connection, the client sends the list of users for which it wants to receive notifications. The server validates this list against user records and filters out invalid ones.
Users may delete a notification token from their Settings but it would not affect other logins on this device. In addition to that, we had to build a delivery tracking mechanism when a notification is received. Unfortunately, we discovered that our server is unable to detect when a connection is broken so we had to send confirmations from the client side.
To receive notifications, we leverage Android capabilities. We run a background service which keeps the connection to the server open, similar to what the FCM process does. Another difficulty was caused by the Doze mode, introduced in Android M. The Doze, which is turned on after a period of inactivity, among other things prevents background processes to access the network. As you can imagine, this prevents our app from receiving notifications.
We mitigate this problem by asking users to make an exemption from battery optimisations for our app. It worked fairly well. The similar problem, but unrelated to Doze is vendor-specific battery optimisations. In order to prolong the battery life of their devices phone manufacturers, like Xiaomi, enable strict battery optimisations by default. Luckily users can disable them, but we must communicate this better.
Another problem was caused by the Android O changes. One of them is background process restrictions: Unless your app is visible to the user, your background processes are going to be stopped and you’re unable to launch new ones.
Initially we thought that we can solve this by showing a persistent notification with minimal priority, which is visible in the notification gutter, but not in the status bar. This didn’t work for Oreo: If you try to launch a background service and use priority minimum for its notification, the notification priority is upgraded to a higher priority (visible all the time) and, in addition to that, the system shows another persistent notification: “App X is using battery”.
We initially planned to explain users how they can hide these persistent notifications but that wasn’t a great user experience so we had to find a better solution. We leveraged Android Job mechanism to launch our service periodically (at least every 15 minutes), and we also try to keep it alive afterwards. We don’t hold WakeLocks manually – the system does this for us. We were able to ditch persistent notifications altogether. Even if notifications sometimes have a small delay, it will always be received and emails are there instantly.
In the end, we had to do some work but it was totally worth it. Our new app is still in beta but thanks to non-blocking IO, we’ve been able to maintain thousands of simultaneous connections without problems. We freed our users from Google Play Services requirement. Finally, everyone is able to get the Tutanota app on F-Droid. The system now combines both: good power efficiency and speed.
Final thought: Every user should be able to choose a “Notification Provider” for every app
Wouldn’t it be great if the user could just pick a “push notifications provider” in the phone settings and OS managed all these hard details by itself? So every app, which doesn’t want to be policed by the platform owner, didn’t have to invent the system anew? It could be end-to-eFinal thought: Every user should be able to choose a “Notification Provider” for every app
Wouldn’t it be great if the user could just pick a “push notifications provider” in the phone settings and OS managed all these hard details by itself? So every app, which doesn’t want to be policed by the platform owner, didn’t have to invent the system anew? It could be end-to-end encrypted between the app and the app server. There’s no real technical difficulty in that, but as long as our systems are controlled by big players who do not allow this, we have to solve it by ourselves.nd encrypted between the app and the app server. There’s no real technical difficulty in that, but as long as our systems are controlled by big players who do not allow this, we have to solve it by ourselves.
EDS (Encrypted Data Store) is a virtual disk encryption software for Android which allows you to store your files in an encrypted container. VeraCrypt(R), TrueCrypt(R), LUKS, EncFs, CyberSafe(R) container types are supported. The program can operate in two modes: non-mounted and mounted.AND...
In non-mounted mode you can browse an encrypted container using EDS built-in file manager or any other file manager that supports Android Storage Access Framework. When you open a file (that is not a media or an image file) from a container in "non-mounted" mode, EDS decrypts the file to a temporary location on your device. Media files can be viewed directly from the container. In non-mounted mode you can open a container with FAT file system or ExFAT file system after installing an additional module.
In mounted mode the file system of a container is attached to the file system of the device. The files inside an encrypted container are encrypted or decrypted "on the fly", without temporary files. The mounted mode requires root access to the device. In mounted mode the following file systems are supported: FAT, NTFS, EXT4, EXT3, EXT2, ExFAT.
EDS is available in two versions: the paid version and the open source "lite" version. You can support the development of the "lite" version by making a donation.
TrueCrypt(R) containers supportLicense: GNU General Public License v2.0 or later version
AES, Serpent, Twofish
AES-Twofish, AES-Twofish-Serpent, Serpent-AES, Serpent-Twofish-AES, Twofish-Serpent encryption algorithms (not available in the "Lite" version)
XTS encryption mode
SHA-512, RIPEMD160, Whirlpool based KDFs
Hidden containers support (not available in the "Lite" version)
Keyfiles support (not available in the "Lite" version)
LUKS containers support
AES, Serpent, Twofish, GOST encryption algorithms
XTS, CBC encryption modes
SHA1, SHA-512, RIPEMD160, Whirlpool based KDFs
VeraCrypt(R) containers support
AES, Serpent, Twofish, AES-Twofish, AES-Twofish-Serpent, Serpent-AES, Serpent-Twofish-AES, Twofish-Serpent encryption algorithms
XTS encryption mode
SHA-512, RIPEMD160, Whirlpool, SHA-256 based KDFs
Hidden containers support (not available in the "Lite" version)
Keyfiles support (not available in the "Lite" version)
AES encryption algorithm
128-256 bits key size
SHA-1 based KDF
Works with any file system
Filename encryption support
Unauthorized file modifications detection
CyberSafe(R) containers support (not available in the "Lite" version)
AES, GOST encryption algorithms
XTS encryption mode
SHA1 based KDF
Encrypt/decrypt any kind of file
Create a container using any of the supported formats
Container mounting is supported (on a rooted device) You can use any file manager, gallery program or media player to access your files inside the container (not available in the "Lite" version, root access required)
It's possible to mount a container with FAT, EXT4, EXT3,EXT2 or NTFS file system (not available in the "Lite" version)
A container can be opened directly from a network share (not available in the "Lite" version)
Network shares can be mounted to the file system of your device. Automatic mount/dismount is supported (depending on the available Wifi connection) (not available in the "Lite" version, root access required)
Cloud storages support: Dropbox(R) (not available in the "Lite" version)
You can encrypt a folder inside your Dropbox using EncFs
You can store your files on a cloud storage inside an encrypted container. Your files are decrypted only on your device
You can access a container in online mode without copying the whole container file to your device
You can store complete synchronized local copy of the container file to access the contianer in offline mode
You can mount a cloud file system to your device so that you can work with the cloud storage as with a real folder on your device
"Root" file manager capabilities. Now you can work with files and folders which can be accessed only by "root" user. (not available in the "Lite" version, root access required)
Encrypted partitions and devices support (not available in the "Lite" version, root access required)
All the standard file operations supported
Click on a file to open it in the default viewer. Changes to this file will be saved automatically
You can play media files directly from the container (not available in the "Lite" version)
You can use a hand-drawn pattern along with a password to get easier access to your container on a device with a touch screen (not available in the "Lite" version)
You can use an integrated records editor with customizable fields to store different types of records. You can setup for example setup one directory in your container to store your passwords and another to store your credit cards information (not available in the "Lite" version)
You can use indexed search to find files or records in your container (not available in the "Lite" version)
You can quickly open any file or folder inside the container using widget (not available in the "Lite" version)
Tutanota's encrypted open source email app is now available on F-Droid, making it the go-to secure email service that enables everybody to stop using Google. To date, no email service has published their Android app on F-Droid, the number one platform for free and open source apps.MORE: https://tutanota.com/blog/posts/open-source-email
Most email services rely on Google’s GCM for push notifications, which make an F-Droid release impossible. If you search F-Droid for email apps, you will not find one app of a known email service, except for Tutanota.
With the app release on F-Droid, Tutanota now proves that it is possible to build a secure email service that is completely Google-free, giving people a real open source alternative to the data-hungry market leader Gmail.
"We are happy to see how enthusiastic Tutanota is about F-Droid and free software, having rewritten their app from scratch so it could be included. Furthermore, they take special measures to avoid tracking you, and the security looks solid with support for end-to-end encryption and two-factor authentication", says the F-Droid team.
Focus on open source, privacy and security
Tutanota is the secure mail service that focuses on security and privacy. Being open source is a crucial part of this, and from its early days, Tutanota has been published on GitHub as open source, licensed under GPLv3.
Only with open source software, third parties can verify that we remain true to our goal: Protecting the privacy of our users by offering the most secure open source email service.
We build Tutanota to establish a secure alternative to mainstream email services like Gmail and Yahoo that spy on their users. Leaving Google behind is not easy, but the effort is worth it: You will regain control over your data. When you use services like Tutanota's fully encrypted mailbox, you own your data - no one else can access it.
And, of course, when it comes to leaving Google behind, F-Droid is one of the most important platforms you’ll need as this is the best place to get Google-free Android apps with automatic updates.
Cryptocurrencies, although a seemingly interesting idea, are simply not fit for purpose. They do not work as currencies, they are grossly inefficient, and they are not meaningfully distributed in terms of trust. Risks involving cryptocurrencies occur in four major areas: technical risks to participants, economic risks to participants, systemic risks to the cryptocurrency ecosystem, and societal risks.Yup.
Briar is a messaging app designed for activists, journalists, and anyone else who needs a safe, easy and robust way to communicate. Unlike traditional messaging apps, Briar doesn't rely on a central server - messages are synchronized directly between the users' devices. If the internet's down, Briar can sync via Bluetooth or Wi-Fi, keeping the information flowing in a crisis. If the internet's up, Briar can sync via the Tor network, protecting users and their relationships from surveillance.Настоятельно рекомендую также прочитать подробности о протоколах:
Briar provides private messaging, public forums and blogs that are protected against the following surveillance and censorship threats:
- Metadata surveillance. Briar uses the Tor network to prevent eavesdroppers from learning which users are talking to each other. Each user's contact list is encrypted and stored on her own device.
- Content surveillance. All communication between devices is encrypted end-to-end, protecting the content from eavesdropping or tampering.
- Content filtering. Briar's end-to-end encryption prevents keyword filtering, and because of its decentralized design there are no servers to block.
- Takedown orders. Every user who subscribes to a forum keeps a copy of its content, so there's no single point where a post can be deleted.
- Denial of service attacks. Briar's forums have no central server to attack, and every subscriber has access to the content even if they're offline.
- Internet blackouts. Briar can operate over Bluetooth and Wi-Fi to keep information flowing during blackouts.
Briar is designed to resist surveillance and censorship by an adversary with the following capabilities:
- All long-range communication channels (internet, phone network, etc) are comprehensively monitored by the adversary.
- The adversary can block, delay, replay and modify traffic on long-range communication channels.
- The adversary has a limited ability to monitor short-range communication channels (Bluetooth, WiFi, etc).
- The adversary has a limited ability to block, delay, replay and modify traffic on short-range communication channels.
- The adversary can deploy an unlimited number of devices running Briar.
- There are some users who can keep their devices secure - those who can't are considered, for the purposes of the threat model, to be controlled by the adversary.
- The adversary has a limited ability to persuade users to trust the adversary's agents - thus the number of social connections between the adversary's agents and the rest of the network is limited.
- The adversary can't break standard cryptographic primitives.
In their report, they state "the quality and readability of the app’s source code was rather exceptional" and highlight "a good understanding of vulnerability patterns and threats". All the issues found by the audit have been addressed in this beta release. The report concludes that Briar "is able to offer a good level of privacy and security. In other words, the Briar secure messenger can be recommended for use."
\* We are long-term, patient investors. We’ve been investing in crypto assets for 5+ years. We’ve never sold any of those investments, and don’t plan to any time soon. We structured the a16z crypto fund to be able to hold investments for 10+ years.
\* We have an “all weather” fund. We plan to invest consistently over time, regardless of market conditions. If there is another “crypto winter,” we’ll keep investing aggressively.
\* We provide operational support to entrepreneurs. Our crypto investments have access to the same 80+ person a16z operating teams as do our non-crypto investments. Our operating teams have deep expertise in executive and technical recruiting, regulatory affairs, communications and marketing, and general startup management. We are responsible participants in the governance of companies and the governance of networks.
\* We are flexible with respect to stage, asset type, and geography. One reason we created a new fund is to have maximum flexibility. We invest at all stages, from seed stage pre-launch projects to fully developed later-stage networks like Bitcoin and Ethereum. We’ll invest in traditional financial instruments like equity or convertible notes, and new instruments including the direct purchase of coins/tokens. Crypto is a global phenomenon, with great projects all around the world, and we’ll invest accordingly.
\* We are focused on non-speculative use case. We want services powered by crypto protocols to be used by hundreds of millions and eventually billions of people. Crypto tokens are the native asset class of digital networks, but their value is driven by the underlying, practical uses cases.