Decentralized webmail outfit Mailpile scraps beta program for now

When I wrote about the decentralization movement a year back, one of the big pro-privacy hopes was Mailpile, which is ambitiously trying to build a user-friendly yet rock-solid encrypted webmail system with a hybrid desktop/in-browser approach. On Friday, Mailpile’s Bjarni Rúnar Einarsson announced the rejection of the Mailpile beta, saying feedback had led the team to go back to the drawing board. One key issue was unsurprisingly related to making “all that crypto stuff completely seamless.” Iceland-based Einarsson is taking a break to get married (mazel tov) and, with the back-end providing most of the problems, front-end designer Brennan Novak has “moved on to other things for now.” Here’s hoping Mailpile gets back on track when development resumes next month.

Decentralization platform Sandstorm gets serious with $1.3M boost

The open-source personal server platform Sandstorm just became way more viable: Having previously raised just under $59,000 through a crowdfunding campaign, it’s now pulled in $1.315 million in a seed round and revealed plans for targeting the enterprise. The round was led by Quest Venture Partners and also included angel investors such as Google’s Chris DiBona and Brian McClendon, and Skype’s Jaan Tallinn.

As you’ll have been able to guess from my earlier write-ups of Sandstorm, I like the idea a lot. The aim of the project is to create a simple-to-set-up personal server for indie web apps that can be hosted by Sandstorm or another cloud provider or installed at home for even greater privacy – apps and data will be easily portable between hosts.

In theory, Sandstorm’s platform could ultimately carry apps to rival commonly-used web services such as those you get today from Google and Facebook, but instead of using a centralized model, it would give users control over their own data. As these are open-source apps, it would also be possible for users to check and even alter their code.

Apps hosted on a user’s personal server will be able to interact with one another, or with apps on other servers for social or collaborative purposes. A fair few apps have already been ported to Sandstorm, such as WordPress (see disclosure), Apache Wave (formerly Google Wave), Tiny Tiny RSS and Mailpile.

Bigger plans

Now that the project has raised some significant seed funding, the cash that came in through last year’s Indiegogo campaign will be “paid forward” to help fund the further development of open source apps. Those who contributed to the campaign will get their promised perks (I contributed $64 for the perk of a year’s hosting), but will also get Sandstorm Indie App Market credit equalling their contributions — the market, which is almost ready, will use a pay-what-you-want model.

All of the campaign’s stretch goals will now be met too, even though the campaign itself didn’t meet them – that means GPG-based cryptographic login, per-document encryption, end-to-end encryption, and the Powerbox interface for data-sharing between apps.

CEO Kenton Varda, an ex-Googler and the creator of the Cap’n Proto data-interchange format, told me by email that the addition of venture capital financing won’t change Sandstorm’s goal of building “a platform for a decentralized, federated internet and which makes open source web apps viable.”

It’s just that the Sandstorm vision has now expanded to take in more lucrative elements:

As it turns out, a lot of what we’re doing is not just interesting to individuals, but also businesses. Many companies big and small simply cannot cede their data to “the cloud”, whether it be for reasons of security, privacy, regulatory compliance, competition, vendor lock-in, customizability, etc. These companies are still running very ad-hoc internal infrastructure that is costly to maintain and is often a huge security liability (as we’ve seen, for example, in the case of attacks on Target, Sony Pictures, and so many others). Our investors believe that Sandstorm could provide a vastly better way for companies to run in-house server clusters — and any time you solve a problem for enterprise, money is not far away.

This large-scale cluster maintenance project is currently codenamed “Blackrock”. Varda expanded on the impact of Sandstorm’s enterprise strategy in a Thursday blog post:

Some of this may not be open source, but if it turns out that a feature of Blackrock is of interest to the community at large, we will look to move that code into Sandstorm proper. I personally hate the idea that some of my code may not be open — I have been releasing all of my personal code under open source licenses since high school — but I am happy that it means we can fund heavy development of the open source Sandstorm platform, without the need for advertising or data mining.

Self-hosting and transparency

Varda said Sandstorm’s incentives “may now be even more aligned with our users than before,” in that there’s no longer a need to focus so much on Sandstorm’s own server-hosting business as a revenue stream. In fact, the VC money has already been used to bring in a new team member, OpenHatch founder Asheesh Laroia, who will partly focus on improving Sandstorm’s self-hosted experience.

“He will be finding ways to solve the major difficulties that our self-hosting users face right now, such as setting up DNS and SSL,” Varda said. Sandstorm will still offer a managed hosting service for those who don’t want to maintain their own server (launching in three to six months’ time), but in the long term the team wants to build technology and leave the hosting to third-party providers across different jurisdictions, he said. The self-hosted version is already available for Linux users.

Sandstorm has also made an interesting decision about transparency – it’s registered the #sandstorm IRC channel for internal discussions (as an alternative to the likes of Slack), making those discussions open to the community. It also sends daily updates to the sandstorm-dev mailing list, including meeting notes.

“That said, obviously there are some things that can’t be public,” Varda said. “For example, any ongoing negotiation needs to be private until it completes — hence why we haven’t been providing a play-by-play of our fundraising, but are announcing it now. But, we believe in having as few secrets as possible.”

Disclosure: WordPress parent Automattic is backed by True Ventures, a venture capital firm that is an investor in the parent company of Gigaom. scales back, focuses on Heartbeat social networking client

The pro-privacy project, which I covered a couple times last year, has scaled back its ambitions due to a lack of resources – despite having raised over $100,000 in a crowdfunding campaign just one month ago.

Brighton, U.K.–based will now focus purely on Heartbeat, the client for its nascent Indienet peer-to-peer social network. The Indie Phone is no longer on the table for now, and the same goes for the Pulse distributed file synchronization system (as a consumer product, at least) and Waystone “introducer” that I wrote about in November.

Pulse, a fork of the Syncthing engine, will continue as a internal component of Heartbeat and its current source code can be downloaded, but chief Aral Balkan wrote in a Monday blog post that “if you want a standalone synchronisation engine with community support, etc., please use Syncthing instead.”

“Pulse, Heartbeat, Waystone, a phone … it was important to share with you our vision just as you would share the synopsis of a book with your publisher. But, going forward, it would be confusing — especially for a consumer audience — to have all those implementation details thrown at them,” Balkan wrote, adding that plans to release Heartbeat for anything other than [company]Apple[/company] devices had also been scrapped for now. Heartbeat will come out for Mac first (a private pre-alpha will open to some on January 26), then iOS in the “intermediate-term.”

However, the problem with the “synopsis” version of events is that the original grand vision was the basis for the recent crowdfunding campaign. Not surprisingly, some donors are very annoyed.

Balkan denied carrying out a “bait and switch” and offered to refund donations to those who want their money back. To those who decried the choice of focusing on Apple’s closed platforms, he pointed out in the blog post that “unlike [company]Google[/company], [Apple’s] business model is not to spy on you.” He also noted that the team all use Macs.

“We’re under no illusions that Apple is in any way perfect. To start with, they’re proprietary and closed,” Balkan wrote. “But we’re being pragmatic. Apple’s platform is a good stop gap until we have our own independent one.”

The decision to focus is, in my opinion, a good one both from a resources and marketing standpoint. The original vision was grand but ill-defined and confusing. Far better to make the Heartbeat product a demonstrable reality and build from there — the outfit still wants to make a consumer device one day, which may be a phone.

However, the timing of the readjustment is not good. should have figured this stuff out last year before putting its hand out for donations. The decentralization movement is part of the open-source world, which largely runs on community spirit. If the Heartbeat project is to pull through, will need to work on regaining whatever goodwill it’s lost this week.