M for iOS

Email app with automatic encryption

#2 Product of the DayNovember 28, 2015
Would you recommend this product?
No reviews yet
M is free for private use and open source
Oof. An encrypted mail app that rolls its own crypto sett rather than interoperate with PGP or S/MIME.
@obra I'm understanding what you mean but have read in the app store desc that s/mime and PGP are planned features.
@obra Thanks for the feedback! We would be just as sceptical as you of someone rolling out their own crypto. However, if you look into the details, there are very good reasons why neither PGP nor S/MIME is suitable for us. It is irresponsible to design crypto software in 2015 that still depends on SHA1. So OpenPGP and S/MIME up to version 3.1 are out. We want to encrypt subject lines, so both PGP and S/MIME are out. Our crypto container has many other advantages. For example, it is provably CCA secure, as has been confirmed in an independent audit. None of this means that we do not want to support PGP and S/MIME. It's just that we don't currently have the resources to implement them as well.
"M" for me is the Facebook AI messenger app now, terrible name choice.
@loic Yes, I also thought it would be a about Facebook's product. And isn't M the boss of James Bond? Surely both are good reasons NOT to name security software M. What about X?
@skreutzb @loic Yeah, we settled on the name a while ago, long before Facebook's announcement. Looks like we will be switching back to "Mynigma" at some point in the near future... Thanks for the constructive suggestion, we'll look into whether "X" would be feasible!
@roman_priebe @loic M sounds better than Mynigma.
@spaceprovided @loic ... and another upside: (german) people are able to pronounce it correctly. "No, it's not Mµnigma" 😂
@roman_priebe I have compassion for you, it's very difficult to but have a large company launch something that doesn't destroy your name... Good luck!
Hey Jack! Thanks for the hunt! We created M when we realised that email encryption is still far too complicated. Our vision is an email app with simple, foolproof encryption by default. M is free for personal use, with no in-app purchases or anything like that. We don't collect any data on our personal users. In fact, since encrypted emails are still routed via the usual providers, we don't even know who our users are. Encryption between M users is enabled by default. All you need to do is send an open message back and forth. Many improvements are on the way. For example, using M on multiple devices will become dramatically simpler in future versions. We are a team of three developers who have worked very hard to create beta versions for Mac and iOS as well as an Outlook plug-in in alpha. An Android app is also in the pipeline. Your feedback and questions are very much appreciated. Edit: A bug in Apple’s key chain is currently preventing new users on Mac OS from sending encrypted messages. We have submitted a fix and requested an expedited review. iOS should be working fine.
@lksnmnn Can you please explain the team expertise in terms of encryption and technology?
@llabball @lksnmnn Sure! We are all mathematicians/computer scientists. I studied Mathematics in Cambridge and then got a PhD in Computer Science from Oxford. Lukas is studying Computer Science and Marco holds a PhD in Mathematics from Universität Tübingen. Since we get no money out of Mynigma, we have occasional part-time jobs as app developers and IT security consultants. It is fair to say that the mathematical/cryptographic side of things is our comfort zone. We are also very grateful to be able to rely on a number of mentors (professors from places like Oxford, FU Berlin and TU Berlin), who are leading experts in their fields and have published on the subject for years. A lot of work and expertise has gone into creating our crypto and we take great pride in getting the details right.
Why now? I hope M is used for good and not for evil. Good luck.
@jakemor With mass surveillance and other threats to privacy, security and thus democracy on the rise, now seems a lot better than later. Why not earlier? Well, building a usable solution for secure email encryption is simply a hard problem. As for the bad guys: they could always use existing solutions like PGP. And there are a lot more good guys who need proper protection.