@rrhoover Thanks Ryan! Lots of different types of demographics are interested in data ownership and control. Initially, early adopters that have taken steps to protect themselves online or have experienced an online breach are the focus for us. The product is definitely easy enough to set up that your parents could use it.

@chrisdolle @david_rothmann1 Giri and I as founders of the company are committed to supporting Helm purchasers for the long term. If for some reason the service has to be shut down, we will provide a way for customers to migrate off the service and on to something else (i.e. your own AWS account).

@garrytan curious if the team is interested in integrating solutions like orchid for more secure/anonymous internet (one step further than VPN or tor). I can sync the two teams together for a discussion, just let me know.

@garrytan ultimately I'd like to see the helm give me the ability to control and host all my IOT device data/services directly from it, rather than through 20+ different externally hosted services like we currently do. (eg. option to host nest web server and my personal video footage directly on my helm, or helm 2.0 device). this will be very lucrative to me and many others out there

Any info here would be awesome @new_user_417c623f9f - this is something I’ve always wanted but previous solutions haven’t been reliable

@kartikcooks To ensure that we can't read your email, email is delivered directly to your Helm and isn't stored in the cloud (except via encrypted backups). This means that it is somewhat dependent on you having a stable and reliable internet connection. The good thing about email is that it was designed a long time ago when the reliability of servers and networks wasn't nearly what it is today. Email servers have built in retry capabilities and you should get your email even if your internet connection is periodically down.

@dsigurds got it. Thanks. Love that you’re tackling email first. It really is the modern keys to your house. I’ll definitely be following your progress!

@jsphpl Each Helm gets its own static IP address and your email is routed through it. We make sure that the IP address is clean before we assign it. We don't rely on the reputation of your home IP address. Even though email is routed through this static IP, TLS sessions terminate on the Helm, so we aren't able to see any of the email data.

@dsigurds Oh i see. Does the service subscription include you taking me off blacklists, or handling that google issue – or is that all up to your customers? That implies the next question: How do you distinguish actual spammers abusing your service from "good" users, considering TLS is terminated at the Helm? A pity though that the system relies on central infrastructure provided by you. So its not contributing anything to decentralisation. Only advantage over other approaches is that the data (when in rest) lies at my home. Apart from that, you can definitely see some metadata. How's your data privacy policy about that? Where can we find those *additional terms and conditions* mentioned under 6) in your "Terms and Conditions of Sale"? (edit) I was assuming that decentralisation was part of your value proposition. But apparently it's not. Your goal rather is to improve privacy. So no criticism here. This was just me mixing up things… ;)

@dsigurds @jsphpl Yes - we will be monitoring blacklists for IP addresses used by Helm customers. Spammers can spam much more cheaply and cost effectively than buying a Helm. That said, we are planning a rate limiting feature that will be high enough to not bother consumers/SMBs but low enough to make it entirely uninteresting to spammers. We can't see metadata for email coming in and out over TLS which is the vast majority of all email today. Our privacy policy is on our website - https://thehelm.com/pages/legal. The clause you pointed to just indicates that if we make any updates to the terms, we will make them available to the buyer. I would also argue that this is furthering decentralization in a meaningful way. The applications and data live with the user. The infrastructure that you mention isn't all that different from infrastructure you get from your ISP. I suppose this is a matter of opinion, but that's what we believe.

@dsigurds @new_user_417c623f9f Yeah, i think it's a good approach to take away the painful part of operating a mail server from the user. I agree with your ISP comparison. TLS usually runs on top of TCP, so you are seeing metadata, namely IP addresses. Back to my initial question, which hasn't been answered directly: If i buy a helm, send mail over it, and the mail doesn't reach gmail recipients – can i call you and you call google, or do i have to take care of it myself? MX Toolbox does blacklist monitoring for free, the painful part is to react when something doesn't work as expected – 100$ a year would be an absolutely fair price for not having to worry about all that communication with other mail operators. I'd even say it's cheap and i'm not sure if you can sustainably operate with that little money. But 100$ a year for setting up a VPN and a blacklist monitor and have me do the hard work myself – not sure if i would buy that…

@dsigurds @jsphpl Usually in the context of emails, I think of metadata referring to what an email server can see in the headers. We monitor and remove from blacklists IPs that are assigned to gateways. And yes, we will provide support for the scenario that you described.

@tostartafire Offsite encrypted backups are provided as part of the Helm service. The key that is used to perform the encryption is only accessible to the Helm owner. Having the hardware local give you the ability to leverage something we call proximity based security. The administration functions of the Helm are protected by your password + a proximity based token. The token can only be obtained if you have been in physical proximity to the Helm.

@markus_schuette Doesn't do email?

@markus_schuette Well, first we are shipping soon. We have private betas out in the field. And as Nicolo mentioned it, we do email/calendar/contacts.

@andreasduess Hosting my own mailserver and getting tons of spam mail straight to their own folder. ;) So the available open source software for spam detection is really reliable. Therefore, it shouldn't be too hard for the helm guys to implement proper filtering.

@rmagrino Helm supports a single domain with an unlimited number of users. Small businesses that are uncomfortable having all their email in the cloud and who probably don't have their own IT team to manage their email servers could definitely benefit from the ease of use and security of Helm.

@rdbrdd Thanks for the feedback - multi-domain support is on our list of things to look at based on comments from people like you.

@jsphpl We don't have remote access to Helm servers.

@new_user_417c623f9f but they're pulling software upgrades from your servers?

@jsphpl correct. These updates are signed by keys that are securely managed by us. Each Helm server will verify the signatures before applying an update.

@new_user_417c623f9f … and those keys are airgapped and/or otherwise secured, so this is not an interesting approach for hackers, right? What about your DNS and routing services? I think by providing centralised infrastructure, you're just as big a target for hackers as any other provider like google? Well, by taking over your routing and DNS services, a hacker could not read the mail stored on my helm, but at least they could impersonate me. The approach you've taken is probably a pretty good tradeoff between privacy/control and maintainability of a mail server, especially regarding its spam reputation.

@jsphpl Yes, they are air gapped with a signing ceremony that requires the coordination of more than 1 designated employee.

@jsphpl We will be announcing a developer program to support this

@sam_tyurenkov sorry for not including the tech specs. You can find details here: https://thehelm.com/pages/techno...

@kkdub Thanks Kelly. Stay tuned for more ways to become a customer...

@magnuson To use your own domain you need to change the nameserver records at your registrar to point to our DNS servers. Once you've done that we provide DNS management tools so that you can replicate your current DNS setup. Configuration of the Helm is done through a mobile application and access to email is through standard email clients.

@josh_reyes Yes, you can access it from any device from anywhere. Your home internet upload speed isn't super critical for email. If you download a large attachment you may see some performance impacts if you have very slow upload speeds. For me personally I've been testing with 3-5 Mbit up and it works great.