I think you raise some good points, and I wanted to add some thoughts of mine to them. Maybe you can evaluate how valid they are.

>You better hope it doesn't break or have downtime, and trust that your home network is secure enough to handle anyone intruding through this internet facing service.

That goes for pretty much any kind of server you host from your home, right? Whether it be kids hosting their Minecraft servers, or people sharing some files with friends and family via FTP. (I don't condone playing proprietary video games btw.) Of course that's more dangerous than not hosting anything, but is there an alternative when you decide that you want to self-host and have this level of control over the server hardware? Not everybody has their own data centers.

>Once we go out of business you're screwed. You also have to trust us not to proxy and snoop your traffic.

I think this "feature" (which I personally wouldn't like to use) is mainly for people that can't into DNS or want to pay for domains. You can still use this box with your own domain that is not associated with the makers of it. But yeah that's definitely something they should make clear to the user during set-up or so.

>So we'll actually proxy your traffic maybe. Just trust us not to snoop?

I think this would be a manual setting, not necessarily happening automatic and "maybe" without you knowing. And while you definitely lose some privacy by using a proxy in this case, as long as the connection is still end-to-end-encrypted, at least the content itself would be still safe. (Metadata is of course still a serious issue.)

>New crypto techniques? This isn't good either. Who hosts the link database?

I think this database could be easily hosted by your box itself, and that would make the most sense to me. This technique they're using at least can only end up better than sending plain unencrypted mail, and I think is the same that services like Tutanota are using, so it's not completely unexplored territory.

>We already have problems making CAPTCHAs to filter spam bots, but obviously the most equipped surveillance agencies on Earth won't be able to get by them.

True. I wouldn't trust a Captcha for a second. Well, and thanks for your remarks about the hardware, I didn't know much about that aspect of this project. If you have any more information that's maybe not obvious to someone reading their website, I'd appreciate it. I'm still kind of curious about this.

Reply via email to