If real Internet privacy is going to survive the 21st century, encryption has to become easy enough for mom and dad to use.
Powerful encryption has been available to the tech savvy public for decades, but it’s taken massive leaks from Edward Snowden to drive even a small portion of the mainstream towards the tools required to beat governments, corporations, and criminals (or do I repeat myself?) intent on taking unsolicited peaks into our communications.
Even so, most encryption today is simply too much of a burden for most people to take on—even Google wants to “improve the usability of PGP [encryption] with Gmail” in order to protect their users from prying eyes. And the Electronic Frontier Foundation wants to give away prizes to programmers who can finally make encryption easy.
That’s where Just Mail comes in.
The new secure email platform, which launched a $350,000 fundraiser on Kickstarter on Thursday to develop software and build a global infrastructure, promises to fundamentally change emails from an easy-to-spy on message to a powerfully decentralized, encrypted, and anonymous communication tool. According to Just Mail’s creators, the platform uses decentralized BitTorrent-like technology that can stand up against the spying, surveillance, and tracking that has made modern email so fundamentally insecure.
Based on the I2P anonymization network and AES encryption, Just Mail aims to make it as easy as a few clicks for everyday users to send secure, encrypted, and anonymous emails through the I2P anonymity network.
The Just Mail process is designed to work like this: A user writes an email that is then encrypted using a novel but easy image encryption technique and hits send. The encrypted email is divided into parts and sent all over the world through the distributed I2P network.
The recipient then receives a magnet link—similar in many ways to a torrent link—through random nodes that allows him or her to receive and read her mail.
“Every Just Mail user will transport random parts of hundreds of someone else’s correspondence which cannot be read if you are not the addressee,” Eric Michel, the founder and CEO of Just Mail, wrote on the project’s Kickstarter.
Just Mail’s utilization of the decentralized I2P network potentially puts it a level above well-known email privacy services, like the now-defunct Lavabit, because there can be no search and seizure of emails.
“No one can simply come to your home or office and get the hard drive with your emails on it,” Michel adds. “Neither can they demand it from us because there is no way to identify the exact place of storage of specific correspondence.”
While I2P already boasts powerfully secure and anonymous messaging tools, they are still too complicated for most people to easily use.
By comparison, Just Mail’s developers are “working to make our secured platform as user friendly as standard email platforms” like Gmail, they say. Additionally, Just Mail users will apparently be able to communicate with any other email service while current I2P messengers only allow intra-I2P communications.
Finally, in a move that aimed to make wide adoption easier, developers are including “One Click Security,” a feature that allows registered Just Mail users to invite anyone to temporary secure sessions without registration or a fee.
“We don’t collect any data from Just Mail users’ activities,” the company website explains. “We can’t analyse mails or give someone else access to them. All data ever sent through our platform can be deleted in a second.”
In addition to software and hardware costs, the Kickstarter funding will go towards legal consultations.
“Currently we see that it would be better not to register Just Mail in USA regarding to story with Lavabit,” Michel told the Daily Dot in an email. “We are trying to reach [the] Pirate Bay team to discuss this issue with them.”
There’s a profit plan, too. Just Mail is a freemium product with both individual and business class services to create a happy bottom line.
But none of this is a sure thing yet. Just Mail’s code has yet to be published and audited by independent security experts. Although the team says they “don’t really believe in an open source model,” transparency is required in order for the product to be fully understood and trusted.
Just Mail developers say the review process will take take place in the near future.
The world of anonymity networks if vast and Tor is king—just ask the NSA. But I2P, an 11-year-old lesser-known but powerful network which saw a 111 percent jump in users in 2013, offers an alternative worthy of recognition.
If Just Mail can execute on its promises, it could become the killer app that attracts more mainstream users to the network—exactly what I2P’s developers have been looking for.
Photo by anonymous account/flickr (cc by 2.0)