When you use a free e-mail provider, you are the product, which means that the provider most likely snoops through the contents of your e-mail to deliver targeted ads. Because of this I encourage people to move away from free providers. Paid e-mail providers are less inclined to snoop through your e-mails but the best option is to host your own e-mail server. Unfortunately, hosting e-mail is a pain in the ass so very few people are interested in doing it. A new product, Helm, is promising the best of both worlds: self-hosted e-mail without the complexity of administering an e-mail server. From a technical standpoint, it looks like a solid product:
The service takes a best-of-both-worlds approach that bridges the gap between on-premises servers and cloud-based offerings. The server looks stylish and is small enough to be tucked into a drawer or sit unnoticed on a desk. It connects to a network over Ethernet or Wi-Fi and runs all the software required to serve email and calendar entries to authorized devices. An expansion slot allows an additional five terabytes of storage.
The server also provides a robust number of offerings designed to make the service extremely hard to hack, including:
- A system-on-a-chip from NXP that stores keys for full-disk encryption and other crypto functions to ensure keys are never loaded into memory, where they might be leaked. The disk encryption is designed to prevent the contents from being read without the key, even if someone gets physical possession of the device.
- Support for secure boot and keys that are hardwired during manufacture so the device can only run or install authorized firmware and firmware updates. The devices are manufactured in the US or Mexico to ease concerns about supply-chain weaknesses.
- Firmware that only communicates over an encrypted VPN tunnel. This measure prevents employees of the user’s ISP, or anyone monitoring the home or office connection, from knowing who the user is communicating with. The firmware also automatically generates TLS certificates from the free Let’s Encrypt service.
- Before being backed up in the cloud, messages are encrypted using a key that’s stored on the personal server and is available only to the end user. That means if the cloud server is ever hacked or the provider is legally compelled to turn over the backed up data, it can’t be decrypted without the key.
- Two-factor authentication that’s based on what Helm calls “proximity based security.” The tokens that generate one-time passwords can only be installed on a smartphone that has come into close physical proximity with the Helm device during pairing by someone who knows the device password. Pairing new phones, adding email accounts, or making other changes not only requires a device password but also an OTP from an already-paired phone.
Technical specifications and implementation often don’t match so I’ll be interested to see how well this product works in the wild. However, I’m guessing that this product isn’t going to fly off of the shelves because the price is steep:
The startup is betting that people will be willing to pay $500 to purchase the box and use it for one year to host some of their most precious assets in their own home. The service will cost $100 per year after that. Included in the fee is the registration and automatic renewal of a unique domain selected by the customer and a corresponding TLS certificate from Let’s Encrypt.
$500 is a lot of money for a consumer-grade embedded computer and a $100 per year subscription fee isn’t chump change no matter how you shake it. You can buy a ProtonMail subscription for significantly less and enjoy what most consumer would consider pretty reasonable security. But if you want a self-hosted e-mail option without the hassle that usually accompanies setting up and maintaining your own e-mail server (and have a few Benjamins to spare), this may be a product to look into.