M for iOS

M for iOS

Email app with automatic encryption

1 follower

Visit website
M for iOS gallery image
M for iOS gallery image
M for iOS gallery image
M for iOS gallery image
Launch tags:iOSiPadMac
Launch Team
PinMe
PinMe
Publish Sites in Seconds. Tamper-proof by design.
Promoted

What do you think? …

Jesse
Keyboardio
Oof. An encrypted mail app that rolls its own crypto sett rather than interoperate with PGP or S/MIME.
Ingo Radatz
@obra I'm understanding what you mean but have read in the app store desc that s/mime and PGP are planned features.
Lukas Neumann
M for iOS
Maker
@obra Thanks for the feedback! We would be just as sceptical as you of someone rolling out their own crypto. However, if you look into the details, there are very good reasons why neither PGP nor S/MIME is suitable for us. It is irresponsible to design crypto software in 2015 that still depends on SHA1. So OpenPGP and S/MIME up to version 3.1 are out. We want to encrypt subject lines, so both PGP and S/MIME are out. Our crypto container has many other advantages. For example, it is provably CCA secure, as has been confirmed in an independent audit. None of this means that we do not want to support PGP and S/MIME. It's just that we don't currently have the resources to implement them as well.
Lukas Neumann
M for iOS
Maker
Hey Jack! Thanks for the hunt! We created M when we realised that email encryption is still far too complicated. Our vision is an email app with simple, foolproof encryption by default. M is free for personal use, with no in-app purchases or anything like that. We don't collect any data on our personal users. In fact, since encrypted emails are still routed via the usual providers, we don't even know who our users are. Encryption between M users is enabled by default. All you need to do is send an open message back and forth. Many improvements are on the way. For example, using M on multiple devices will become dramatically simpler in future versions. We are a team of three developers who have worked very hard to create beta versions for Mac and iOS as well as an Outlook plug-in in alpha. An Android app is also in the pipeline. Your feedback and questions are very much appreciated. Edit: A bug in Apple’s key chain is currently preventing new users on Mac OS from sending encrypted messages. We have submitted a fix and requested an expedited review. iOS should be working fine.
Ingo Radatz
@lksnmnn Can you please explain the team expertise in terms of encryption and technology?
Roman Priebe
M for iOS
Maker
@llabball @lksnmnn Sure! We are all mathematicians/computer scientists. I studied Mathematics in Cambridge and then got a PhD in Computer Science from Oxford. Lukas is studying Computer Science and Marco holds a PhD in Mathematics from Universität Tübingen. Since we get no money out of Mynigma, we have occasional part-time jobs as app developers and IT security consultants. It is fair to say that the mathematical/cryptographic side of things is our comfort zone. We are also very grateful to be able to rely on a number of mentors (professors from places like Oxford, FU Berlin and TU Berlin), who are leading experts in their fields and have published on the subject for years. A lot of work and expertise has gone into creating our crypto and we take great pride in getting the details right.
Jack Smith
Hustle X
Hunter
M is free for private use and open source
Ingo Radatz
A security critical case aside the email encryption is the communication (Auth/Encryption) with the mail server. Can you explain what you care about (e.g. Chiphers, FPS, Heartbleed ...)? We don't have to go deep into technical details but it would be interesting to read about your position when it comes to decide to lower the security level or shut out potential customers.
Roman Priebe
M for iOS
Maker
@llabball Thanks again for your interest. Of course we encourage the use of up-to-date ciphers and PFS, but we do not shut out users whose providers don't follow best practices. It is a real conundrum for us, since we care about our users' security, but errors like "Your provider's SSL settings do not support cipher XY. Please switch your provider." are certainly not the way to widespread adoption of proper email encryption. After all, these problems are just another good reason to use end-to-end encryption. Users with providers whose security is sloppy need it even more.
Gady Piazza
Do I need other people to download the app as well, or they would still receive my mail?
Roman Priebe
M for iOS
Maker
@gady90 You can send unencrypted emails to anyone. Encryption is automatic between users of the app.
Jake Mor
Superwall
Why now? I hope M is used for good and not for evil. Good luck.
Lukas Neumann
M for iOS
Maker
@jakemor With mass surveillance and other threats to privacy, security and thus democracy on the rise, now seems a lot better than later. Why not earlier? Well, building a usable solution for secure email encryption is simply a hard problem. As for the bad guys: they could always use existing solutions like PGP. And there are a lot more good guys who need proper protection.
Santo
if you don't want to get hacked but still want to connect and share use InnerGroup www.innergroupapp.com no data collection, no ads, no selling of your data, end to end encryption, no server retention of your posts.