- the mandatory subscription provides value, but if the company folds, all the services go away and there's no instructions on how to set them up yourself -- at which point you might as well have bought an RPi with a preconfig'd distro.
- The selling point is "escape Big Tech" but the services are provisioned via AWS.
- The CEO is arguing with people here telling them that they are wrong about what they want.
- The owner doesn't have root access and Helm does. They promise that they can't look at your stuff, but of course they can.
In the other words: get locked down with our small tech. But seriously, they own the root account means you have a backdoor to your data vault, are their customers ok with that?
If you look for privacy or security and and are not knowledgeable in the subject, you will find a whole lot of snake oil. Some of it, like VPNs that log your traffic, is worse than nothing. Some of it is outright scams.
- It monetizes a bunch of third party open source projects like NextCloud and probably gives nothing back, and doesn't even give the user full control.
Many people here, including myself, are heavily turned off by the mandatory subscription that costs as much for 2 years as an entire device.
However, the service provided as part of the subscription, a static IP address forwarding to your device without terminating the TLS connection is actually cool. For about 30$/year (24$ sounds good), I'd absolutely buy that alone, since that's the key to the tag line - truly private e-mail.
I can build a home server myself (and in fact already have, with more features, though not nearly as elegant as a Helm). I'd be just fine with someone else running that service.
Hardware wise, besides the storage, Helm looks like a great little home server, especially for the (hopefully not subscription-subsidized ...) price. If it had slots for my own drives I'd seriously consider buying one. The yocto-based software is a bit of a downside, as I'd prefer something like a Debian for maintenance reasons, but setting that up manually would sure be possible.
Not directly competing with Helm, but we at Hoppy Network provide a static IP over WireGuard. It came out of a desire for "truly private email". We provide:
Awesome, I was just looking for something like this the other day! SEO feedback: Try to be discoverable via term like "ipv4 tunnel provider", you may get more search leads. In my mind I was looking for an inverse Hurricane Electric.
Also, do you have any plans at all to accept payments via cryptocurrencies like Bitcoin? That would make you guys a no-brainer.
Thanks for the SEO feedback, definitely something we will look into! We currently use Stripe, and I don't think Stripe has any plans to bring back crypto payments :(
I like the idea of decoupling residential IP service from a physical ISP, but I'd be worried about getting blocked by Netflix, like Hurricane Electric's tunnel broker. Has Hoppy managed to avoid those problems?
Yes. But it’s also useless if they go out of business period. I know, I know, opensource it in the event of bankruptcy and continue receiving security updates and what not. But when as that ever actually panned out?
Tbh, I don’t know why subscriptions get such a bad rap on HN. recurring revenue (ie subscription) is actually one of the best tool we have for ensuring the products/services we depend on don’t go under.
No, the whole premise with “personal server” is and should be that company going out of busines would have no efect on server and data on it. It should continue working exactly like it did when you bought it. This means that mandatory subscription is a dealbreaker. Optional subscription on the other hand would be just like additional service for which you could pay if you incapable of doing something yourself or through third party.
I understand the premise fine. I’m just saying it’s an unrealistic expectation.
For example, “should continue working exactly like it did” sounds nice, but what happens when the company is out of business and your server’s kernel needs a kernel patch due to a security issue? Sure the server still works, but you probably shouldn’t be using it if you in fact want something that’s private/secure.
> Tbh, I don’t know why subscriptions get such a bad rap on HN
Because a lot of the times things don't need a subscription, but it's just a way for the company to squeeze more money out of you.
Some things you can't buy of course, like a streaming service, and I do pay for them. However, I will never 'rent' an online movie which I can only watch once or some such bullshit where the limitation is 0% technical and 100% someone wanting more money out of me.
Why not? I do it all the time for a simple economic reason: renting is $2.99 and buying is $14.99.
If I haven’t seen the movie yet and I don’t feel super strongly about it, I don’t feel like paying the full price. Of course if I end up loving the movie and want to buy it, I’ll end up having spent an extra $2.99 to rent something I now plan to own. But I can’t remember ever doing that. I rent. I watch. I move on.
Also I wouldn’t buy a movie that I can’t store in a physical format.
1. "Buying" is usually 15$ in my experience, not 3$.
2. Like said, the limitation is not technical, it's purely milking users.
3. I like to own stuff and sometimes play older games and watch older movies. Renting is just a non-starter for that, unless you want to overpay out the nose.
hehe. In india, a couple months ago they did an experiment of launching a big ticket movie online for the first time. Here is how they put it, after you pay
.
open this page https://www.zee5.com/zee-plex-movies-on-rent
and click on how it works. then "How to buy and watch ZEEPLEX movies?".
they say "buy and watch" but then say "pay per view service", then there are stupid watch time requirements and all that.
piracy is 1 click, just press play. then these idiots go and equate piracy as a heinous crime
That's one of the biggest problems with subscription services. My favorite band's album was pulled from Spotify. Wouldn't have been a concern if I had set up Lidarr on my NAS.
Same for me. I prefer buying FLACs (or actual CDs) of the music I want to have and keep it on my devices, so there's no future risk of losing it (I do have backup). Plus, streaming requires a working connection, uses more energy, etc... so as you say, it's (very) good for discovery, but has many downsides too.
And actually, I think that in many cases piracy happens because it's the easiest option, not because people wouldn't be willing to pay. But this is a bit off topic ;)
It seems that Nextcloud, Postfix, and Strongswan are copyleft.
> You may obtain the complete corresponding source code from us for a period of three years after our last shipment of this product by sending a money order or check for $5 to: <snailmail address>
Without being illegal this is rather hostile. But then again they are selling subscriptions to open-source software so I expected something shady.
Providing the source on a physical medium for a price is reasonable because no one should be forced to run a digital distribution setup and infrastructure just because they build software that derives from GPL pieces.
Their customers have a right to receive a copy of the source. But the company is not obliged to host an online accessible version of it.
Charging a small amount for a copy of the source is fine.
And I will go so far as to say that making demands about access to the source code in a manner beyond what the GPL requires, is actually hurting the adoption of GPL software, not helping it. Why should a company base their work on GPL licensed software if they are going to meet pushback even when they are complying with the letter of the GPL? They might just build something different all together, and with no open source at all. And where does that leave us? Definitely in a worse place.
As I said, it is legal, but strikes me as unnecessarily unfriendly. It is likely that I have unrealistic expectations, but putting their modified source code on some "archived" GitHub or similar would have been easy and free. Looking around at Purism, Pine, and remarkable, they don't make it that easy either, so I guess my complaint shouldn't be directed at Helm specifically.
My point is that we're not in 1997 anymore (date this GNU document was written), and thus I cannot believe that mailing disks is the easy way to do this. They are making this deliberately difficult, for both them and their users, by doing this over mail.
As for discouraging companies to deal with GPL, I am with you. I think this is a little bit different though, as they are not adding much value on top of the open-source code...
> but putting their modified source code on some "archived" GitHub or similar would have been easy and free.
You still need to set up mirroring to keep it up-to-date, and janitor tags so that it matches whatever the customer actually received.
Much more importantly, you run the risk of a classic 'whoops I pushed an API key' blunder if your code gets auto-mirrored to a public repo.
Writing "if you're a human and you want the source code we'll give it to you" costs them about thirty seconds, satisfies the FSF, and carries zero risks.
> Much more importantly, you run the risk of a classic 'whoops I pushed an API key' blunder if your code gets auto-mirrored to a public repo.
Thousands of competent projects and millions of incompetent projects figured it out. This is not a reason to distribute source code digitally. Any use of this reasoning just makes the user seem stupid and unable to reduce the risk on this trivial problem.
Do the customers have the right to republish the source? Under the GPL (I checked GPLv3) I don't think they do, but this section (my emphasis) is unclear to me:
> You may convey a covered work in object code form under the terms of sections 4 and 5, provided that you also convey the machine-readable Corresponding Source under the terms of this License, in one of these ways...
Is "under the terms of this License" a clarifying clause that narrows down exactly which "Corresponding Source" we are talking about? That doesn't seem necessary given that "Corresponding Source" is already well defined. Alternatively, does it mean that you must convey the Corresponding Source and grant a GPLv3 license to the conveyees for that source? If so, it could be written more clearly.
If my second interpretation is correct, surely it doesn't matter much that the company has a slightly user-unfriendly policy to providing their source code - someone will just mirror the code on Github anyway.
> Do the customers have the right to republish the source?
The GPL definitely allows you this. What you are given is code that is as GPL as the one they originally got, which covers free distribution. This is the main mechanism that serves the purpose of the GPL.
Can you explain how that's expressed in the GPL? Is it the section I asked about, so the GPL's "convey the machine-readable Corresponding Source under the terms of this License" is your "[source] code that is as GPL as the [object code] they originally got"?
Alternatively, maybe it's section 4
> You may convey verbatim copies of the Program's source code as you receive it, in any medium
Which is a bit strange, because it's granting you a licence on something (the source code) you haven't necessarily actually got yet, so normally this grant of license would live with the IP it actually applies to. But I understand why it's necessary for the GPL to work in a more complicated way than that, because its purpose is to be viral and to bind the recipient to granting the same license when he distributes modified versions.
Your question doesn't make sense to me. You keep going off on tangents about possible interpretations. Can you go StackOverflow for me here and provide the minimal complete form of your actual question?
The intent of the "under the terms of this License" clause here is to require the conveyed "Corresponding Source" to be GPLv3 licensed as well.
On a lay reading, this could also be interpreted as "in the manner specified by this license". Whether that's how the courts would understand it is a question for a lawyer. It may hinge on what, specifically, was originally licensed under the GPL: the source code or the binary artifacts.
> Their customers have a right to receive a copy of the source. But the company is not obliged to host an online accessible version of it.
While true, this is misleading - if distributing under the "Written offer" term (rather than including the source code alongside the binaries), everyone has a right to receive a copy of the source.
They put a offer to distribute the source code on their legal page: https://orders.thehelm.com/pages/legal#open-source: "You may request a copy of the source by e-mailing: support@thehelm.com with "Source for Helm Personal Server" in the subject line. This offer is valid to anyone in receipt of this information". I emailed asking to plz gimme teh codez, let's see what I get!
"You may copy and distribute the Program (or a work based on it, under Section 2) in object code or executable form under the terms of Sections 1 and 2 above provided that you also do one of the following:
a) Accompany it with the complete corresponding machine-readable source code, which must be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange; or,
b) Accompany it with a written offer, valid for at least three years, to give any third party, for a charge no more than your cost of physically performing source distribution, a complete machine-readable copy of the corresponding source code, to be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange; or,
c) Accompany it with the information you received as to the offer to distribute corresponding source code. (This alternative is allowed only for noncommercial distribution and only if you received the program in object code or executable form with such an offer, in accord with Subsection b above.)"
Strong agree, but I still think they might be missing a trick.
Speaking purely personally, despite not currently being in the business of physically-distributing GPL'd object code: put a copy of the corresponding source inside the product. Storage is sufficiently cheap nowadays that this isn't nearly as onerous as it used to be.
For bonus points, bootstrap the image then use it to build itself from its included sources for distribution.
Hypothetically, could one not use this to get around GPL by modifying GPL software and agreeing to make the changes available to others but only at a ridiculous price?
No, the GPL covers this case. In the FAQ linked in the parent comment, check out the "High or low fees, and the GNU GPL" section.
In particular, section 6(b) of GPLv3:
> Convey the object code in, or embodied in, a physical product (including a physical distribution medium), accompanied by a written offer, valid for at least three years and valid for as long as you offer spare parts or customer support for that product model, to give anyone who possesses the object code either (1) a copy of the Corresponding Source for all the software in the product that is covered by this License, on a durable physical medium customarily used for software interchange, for a price no more than your reasonable cost of physically performing this conveying of source, or (2) access to copy the Corresponding Source from a network server at no charge.
My understanding is that the customers would be allowed to distribute/modify the source at that point though so you're not really getting around the GPL.
We don't make the subscription optional at this time because the overwhelming majority of people on the Internet do not have a static IP address with a corresponding PTR record, which is required if you want to have deliverable email. There are other ways to handle domain registration, DNS and backups on your own, but we believe the subscription is a pretty great value for the convenience it provides.
I love your idea and execution. But requiring yearly subscription is defeating the purpose of "Break away from big tech" as I am now tied to your company instead of big tech. What's the point in this?
You can see elsewhere where I discuss what the subscription provides. I think there's a huge difference between subscribing to companies that share customer values around privacy and security vs being at the mercy of companies looking to extract as much value from your data as possible.
There isn't any lock-in using a Helm. You can always access and export your data on the LAN using standards-based clients to get your data wherever you'd like it to be.
You say "standards-based clients", does this mean I do not have direct access to the filesystem? Or a shell account for that matter?
Using email as an example, having to transfer email with drag'n'drop in something like Thunderbird is clunky, slow but works to a degree.
Having direct access to the mailbox directory on the filesystem would make it easier to transfer out/in (assuming you already have your emails in the same format).
Is the subscription mandatory. What about the minority of users who do have a static IP address. Should all users be given an option to arrange their own static IP address as well as to subscribe to a pre-packaged deal. They might be able to get a better price than $99/yr, or better terms. Whats to lose by having options.
These are honest questions because I have often thought about a similar project where a static IP is required and wondered if and how it could support itself.
Another way to think about this is that the service is a static IP for $99/yr and the rest is "free", i.e., optional. Perhaps the majority of users will be attracted by the "free" stuff, but a minority might see a static IPv4 as having many potentially useful advantages for personal computing.^1
This is how I view the internet. I pay for access, and this gives me access to, among other things, the web, and various "free services" offered on the web by so-called "tech" companies.^2 There is no obligation that I have to use them. I can choose what I think is useful and ignore the rest.
1. Previously we have seen the static IPv4 address marketed by ISPs in the US as a "business account". Personal use is not contemplated.
2. But the IP addresses we get from ISPs suck for things like running a smtpd. We need solutions to this problem besides "tech" company middlemen.
Company integrity/actually wanting to empower users. This unreasonably forces dependency on the company and bricks the device once support inevitably ends. That's usually a pretty good indication for a user-hostile company.
I think there is a potential issue with the overall concept and dichotomy between "owning" a device to "own" your data, and using external services that must be rented to make that happen. But it sounds like a fixable marketing/communication issue. To elaborate:
Considering R&D and manufacture, it looks to me like you're offering the box itself at cost or even below. Your obvious competitor is Synology, and they have an extensible storage space concept.
So I agree with you that the meat is probably in the Apps. You're offering an email solution as the killer subscription service using somewhat questionable marketing text. But again, that can be fixed. If you were to say "okay, we're planning on offering a range of subscription apps where the core concept is to provide a public-internet service endpoint and the resulting data gets funneled directly into your home box" then you're much clearer about the value you provide and customers would have an expectation that a) their app still works if the subscription expires (it just doesn't get any new data) and b) what they're paying for in the first place. Throw in an info graph that shows the data flow!
Of course, you might have to contend with open source implementations that offer the same endpoint services as a self-hosted option BUT you could even embrace that and make the protocols open because I suspect that the convenience of your all-in-one services would trump the complexity of self hosting in most cases.
Other services/apps you could offer along the same lines could be: federated social media, video downloading and conversion, video and audio chat, collaboration and office tools, home automation, and of course cloud backup (not the paltry 128GB currently folded into the subscription package, but a separate pay-as-you-go solution with "unlimited" storage).
The subscription not being optional ("We don't make the subscription optional at this time", https://news.ycombinator.com/item?id=28351035), with unspecified consequences of not having one.
One thing I definitely gather from that comment is that E-Mails wouldn't work, which appears to be the main selling point of the device.
There is an ongoing cost for email to work (static IP, DNS, tunneling for traffic) - this is why there is a subscription. It's not very complicated or malicious.
If a customer doesn't want a subscription, they can still use the Helm on their local network and get access to all their data. Running without a subscription is not something we currently support because of a lot of variables that can prevent email from working consistently, creating a heavy support burden (which is costly) along with bad customer experiences. It's best for people wary of a subscription to go down the DIY path (and we end up with a lot of DIY switchers once they realize how much effort it is).
So it sounds like if you are acquired/close shop/triple your fees, the hardware will continue working with a limited feature set forever. If HN-type people are at all your target market, I’d make this a lot clearer somewhere. After the umpteenth time, people are wary of hardware that randomly turns into bricks. It’s got nothing to do with “big tech”.
> Running without a subscription is not something we currently support because of a lot of variables that can prevent email from working consistently
No problem. I see the technical difficulties with that and that you don’t want to support it. But is it possible?
If you want peoples’ (definitely mine) trust I’d suggest clearly decoupling the subscription from the device and communicating that it’s only for the E-Mail routing.
Otherwise it feels like renting a device with some extra initial cost, which is like 20% as good as actually owning something (If I’m already renting just take away the setup cost and make it 12$/mo).
so provide a dynamic dns solution with one of the huge number of providers out there?
there are plenty of ways to get around that particular problem (although a cloud server is one of the best). so why not provide the information and let the user decide rather then telling us all we need to use your subscription service.
It might be interesting to produce seriously cut down reimplementations of those utilities for purely home use.
Similar to how a home router/switch/NAS doesn't need anywhere near the same number of options and possible misconfigurations and code that isn't helping you at all.
(I'm skipping past all the issues with this particular unit by this particular company to the point that this is a good idea and I'd be nice to see a lot more options in this space along with less complexity...)
To be fair, the subscription also means that the company is more likely to stay around and keep their products working.
Given that your paying Helm to handle all the PITA aspects of home servers, it seems reasonable to me. This is coming from someone who runs their own home infra in proxmox.
My only concern is the lack of offline backups. You should be able to backup to an external hard drive, and decrypt these backups (e.g. for migration to a "real" server) completely offline, without depending on support.
"Innovative hardware"? It says it's an ARM, with a secure root of trust. There's this Bluetooth "proximity token". Looks cool, I guess.
It's running Linux, Dovecot, Postfix and Nextcloud.
"Email senders now support sending emails over an encrypted SSL/TLS channel where the email is only decrypted once it reaches your personal email server. Helm is not able to decode these emails because we don't have access to the encryption key."
Yabbut, Helm is that personal email server; Helm is the terminator of the TLS encryption. The email is in plaintext by the time it reaches Postfix. Postfix then stores it in an encrypted disk, but Helm can decrypt the disk. Please try again!
Then there's this business about email deliverability. My experience is that if you have run a nice, clean email domain for (say) 8 years, then you won't have serious deliverability problems for personal email. But if that's the case, then you already know how to set up and run an email server, right?
People on HN are saying that Helm retains the root account on this device, but I can't find that information on the website. If it's true, then that would be completely the opposite of retaining control of your own data. Here is a pile of FOSS software, running on commodity hardware, where I have complete control; and here's Helm, with the same stuff, but - a proximity key, and offsite backup - in exchange for $100PA subscription, and I have to hand over root.
What's the benefit, and how come they're sold out?
>My experience is that if you have run a nice, clean email domain for (say) 8 years, then you won't have serious deliverability problems for personal email
I thought that, too, until the entire Digital Ocean netblock my IP was in started landing on abuse lists
I received my Helm v2 last week and it has worked great for Android photo backup and email subscriptions like substack. I have not been bold enough yet to move my primary email domain over yet. Apple mail and Fairmail on Android give a nice non-web email experience.
I like the product concept, the execution seems solid, and I like the auto update flow compared to manual update of most NAS products.
I really want this product when my kids get their first phone to keep their photos, calendar and emails off the cloud. At least until they can make the choice that they want that stuff being tracked.
Edit: Oh and I really like their user experience around creating generated device specific passwords for each client device (phone, laptop, etc) a user owns.
Glad to see a v2. Like some other folks here I eye rolled when I saw some of the claims on the v1, but I think between this thread and revised marketing copy I understand and appreciate their approach.
My biggest concern now isn't about some backdoor or the ability to scan email in flight, but rather the lack of any commitment around continuity in the event they are acquired or cease to exist. I would like to use them for email, but am wary of the headache of having to roll a matching EC2 setup at a moments notice and migrating to a new IP.
$99 a year for 128GB of backup space is really high, but I suppose it's partially paying for the OS updates or something like that?
I also wonder about name confusion with Helm the Kubernetes management system..
That said it looks like a nice setup, the hardware price is pretty reasonable for a completed product, and the website is trying to keep things simple.
Hi there - Helm co-founder/CEO here. We will have additional tiers of subscription for customers to back up additional data with us. Everything is locally compressed before uploading and all backups are encrypted with keys only customers have.
"we have additional teirs..... but we havent launched them yet"
so you DON'T in fact have addtional teirs since I can't buy them, resulting in only 128gig of cloud backup being availble regardless of what hardware I buy.
Not to mention this "cloud backup" takes my files back out of my control and hands them over to big tech (apparently encrypted, but from your other comments there is no way to verify that since there is no option for the user to access the device)
I suppose this is their gamble: can they make something that is so easy to use, even a normal person will be happy with it. That being said, how many “normal” people are really so concerned about email security that they don’t trust one of the big clouds?
Facebook et al have been working hard at convincing "normal" people that cloud is a dirty word. They have been more successful than one might think, judging by some of the questions I get from non-techie friends.
According to their blog post How Helm Works - Part 1: Networking [0], on the AWS side of things, for each Helm unit, they are provisioning an EC2 instance, an Elastic IP, and a Route 53 config. I suppose the 128GB backup is also part of this. From my perspective, $99/yr is not a bad deal for all this to be automatically managed.
Seems like a stupid design decision at that point to have a dedicated instance per user. For a pass-through they could multiplex tens of thousands of customers easily onto a single instance.
You can assign multiple interfaces to an EC2 instance and each of those can have a static IP. I think there is a hard cap on the amount of interfaces you can assign to a single machine, so you'd still have to scale out horizontally at some point.
Elsewhere in the thread gsreenivas mentions that the solution is too expensive for spammers and so they haven't had a problem with that yet, so we've actually moved to the original solution to spam: charge for sending e-mail*. The original proposal was to charge per email but an annual subscription would have the same effect in the right market (for now.)
Strictly, that's dynamic IPs. The Venn diagram may almost be circular, but not quite. Part of the point being that it's much easier to block static IPs, while a spammer on a dynamic IP will evade any blocks when their IP address changes.
My in-laws outbound email broke recently because, being on a dynamic IP, they'd been set up to send through their ISP's smarthost. Then they changed ISP :P.
This is even missing a trick: unless its politically indicated, AWS does not ban its customers for spamming, high-rate crawling or other abuses, causing its IP ranges to be widely blocked.
So now Amazon gets to market segment and sells a trusted email service, too!
yep. It serves to justify the subscription though, which is what all businesses want. Ongoing money vs a one-time purchase.
I personally quite like the idea of an appliance for email. But adding a permanent subscription that not only costs a lot of money, but will stop working if the company has an outage or goes out of business means it isn't targetted at me.
If you require AWS and have offsite backups then the product isn't an 'own your own data' product as it's advertised. At that point, why not just pay for managed email. It's cheaper, and probably easier to migrate if there are problems.
I care about owning my own data very much. This makes me conservative when it comes to these solutions, despite otherwise being an early adopter of everything tech.
For that reason I always recommend Synology NAS machines. They have been around forever, they work for years on autopilot and feel very similar to a microwave in terms of operational overhead. One-time purchase. No subscriptions. But most importantly, the ecosystem is stable and mature. And they are easy to understand and reason about and come with a slick UI with mobile apps. My favorite feature is having my massive photo collection always available on my phone, served from my own basement (with encrypted AWS Glacier backups).
[EDIT] This is Brandon Phillips of CoreOS fame sharing this! Maybe I should take a closer look then.
In a very boring and traditional way: you buy a domain name, configure dynamic DNS, and then use port forwarding in your home firewall. No 3rd party proxies.
To be clear, the storage app is not bound to the port, rather it’s a VPN server.
It’s how most companies operate (RBAC behind a private key challenge).
Exposing anything to the internet carries intrinsic risk, but exposing a VPN door is among the least risky of the available options, if internet accessibility is an essential feature. The only realistic compromise vectors are private key disclosure, bad VPN configs, or operating an outdated version of WireGuard with a known vulnerability.
What I do is use L2TP/IPsec VPN to phone into my home network and then login and use Synology NAS "locally". There's no inherent need to open your NAS to the internet if you don't want to.
I gave up when it became nearly impossible for my domain
not to end up on some list or some reputation.
The big cloud email providers make it a lot of work to run your own.
A friend of mine tried setting up a mail server a couple of months ago at Digital Ocean on a VPS and a couple of others and his mail bounced back all over the place.
I ended up with an account at one of the big ones, and then
using fetch mail to store all email locally. Only the very latest reside on the cloud server for a max of 10 minutes.
All outgoing mail is through my account the cloud provider.
Does Helm here provide a façade for the mail server that handles all the security setup and reputation management?
Or does each user with Helm have to try to get their email working on their own? (A huge pain)
Opposite example: I've hosted my own E-mail (+other services) on a $5 Linode VPS for over a decade. Initially had some deliverability problems. Read each and every failure carefully and followed the directions, and solved them all. Once, all of a sudden my IP ended up on one of the blacklists, resulting in severe deliverability problems, and I simply requested a new IP. Smooth sailing for years. My biggest E-mail headache is every six months or so, spamassassin goes out of its mind and has to be re-started. And certbot (letsencrypt) fails for some cryptic reason every time SSL renewal is up and needs to be babysat.
I found a compromise by hosting my email with a company that makes their money out of selling email hosting and stuff instead of advertising. Not being American companies is a bonus to me, as much as I loathe facebook and google, the government is always a far more sinister threat.
Ever tried sending a FOIA request to Facebook or Google?
Within a few miles of my home I can walk into a number of government offices of my local representatives and I can at the very least air my grievances. Sometimes they even can do something about it. Optionally but less effectively I can use a phone or email.
There is no Google or Facebook office anywhere around here. Even if there were, I would have no right to enter their offices or ask to speak to the person in charge. They're under no obligation to hear my grievances.
You can see almost everything the government is up to. You can't see anything Facebook and Google are up to. They're a black box. The law is on their side to keep it that way, forever. They can change their policies at any time with no notice and no public debate or comment. And that makes them a less "sinister threat" than a democratically elected, constitutional government with representation distributed all the way down to the neighborhood level? Fascinating.
I like it, but I can't help the feeling this is going to go the way of 90% of modern products: either goes broke in five years and shuts down or becomes successful and in five years gets bought by Google and shut down to force customers onto their new "Nest Server" service.
While I do have many questions, which would definitely delay an impulse buy, it is of general interest to have more companies trying to create easy to use products that help people to cut the cord with 5 companies that rules our digital lives today.
Now on with the questions I'd love to clarify:
- How to ensure the hardware is not chipped with some low level spyware?
- Can we install stuff on this machine? How is the upgrade process working? Do we have root on the machine if need be?
Great questions:
> - How to ensure the hardware is not chipped with some low level spyware?
We use a verified boot process to ensure trusted bits are running on the HW.
> - Can we install stuff on this machine? How is the upgrade process working? Do we have root on the machine if need be?
Not yet - but we are planning for customers to be able to run their own services in the future. We have quite a few updates to do before we get there. The upgrades happen OTA, seamlessly in the background. There is no root access on the machine locally or remotely.
I am a Helm v2 user and I agree. I got tired trying to keep a NAS running and later configuring a Raspberry Pi 4 correctly to run off the right disks, stay up to date, and configured correctly for NextCloud. With two kids I don't have time to tinker.
It's a little odd that the whole premise is own your data and then when you go to order and there's a recurring subscription fee that you can't opt out of
I guess if the data is on your helm on your home, and you can access it from your home after cutting your internet, then you do own what's on your helm.
The price for both hardware ($199) and subscription ($99/year) seems pretty reasonable. I could set something similar up myself, but then I would need to _maintain_ it, and doing email properly so Google doesn't mark everything as spam is non-trivial.
I don't like the idea of essentially opening up a bunch of ports to the internet. If you connect to their AWS endpoint on a bunch of ports (25, 80, 443, etc) that connection is transparently redirected to the device in your LAN over a point-to-point VPN. You can lock it down by putting the device on a VLAN and firewalling it off, of course.
Ultimately you're making a bet on Helm properly maintaining its software, security updates, etc, and more importantly being around longterm to do so. That's where I just stick with Google. Gmail (and GSuite or whatever they brand it as these days) isn't a service I'm at all concerned about Google kicking to the curb.
If you're serious about disconnecting from the cloud, though, this is a neat product and service. I hope it succeeds; if it's around a couple more years I'll switch.
Seems pretty cool. A little pricey and maybe even overpowered. The biggest thing that holds me back from hosting my own server is probably lack of static IP and the time/cognitive overhead of maintenance/security.
Have been hosting home servers behind DynamicDNS for 5 years now. Have never had any issues because of it. E.g. Namecheap supports the protocol - no need for extra subscription.
But are you hosting your own emails? That's the important thing here. Everything else is fine, but hosting and operating a custom email service is hard if you want to also reach other people's inboxes.
Disagree. We pay for convenience all the time. I just did in buying a synology NAS even though I could have pieces together my own solution (and have in the past). Having a working, maintained, stable, full featured email server that interops with the world isn’t something you can do quickly on your own even if you have the skills.
Of course, I agree with that. But this is, at least in my opinion, a very niche product. People who even understand what the product is would probably not be willing to pay a subscription for something they could setup on their own. Of course I could be completely wrong :)
Email is hard to do right, first I’m likely going to spend 2-3x the price on a server, so instantly we have 5 years of subscription covered by that price.
Then I have to buy an IP in a space that has a good reputation. Then I need to setup offsite backups, setup TLS and DKIM, plus a lot of stuff I’m sure I’m missing. Then I have to stay on top of patches and general maintenance. Plus I have to buy a domain name. Suddenly we’re looking at let’s say a 10 year lifespan before you need to upgrade. You are probably going to be basically even on costs but home built has a hundred of hours sunk into it too.
It's true that email is hard to do right, and there are lots of fiddly bits like DKIM. And you need to have control of your DNS. And, and and. I agree with parent's hundred-hour estimate.
It's not true that you need to spend $200-300 on a server; an email server for home use runs fine on a low-powered fanless Intel Next, for example.
Hardly anyone does offsite backups of their home server, unless they do it by relying on an online backup service. What's the threat-model? Is it that a fire might destroy their server, as well as their in-home backups? OK, backup to a flash key, and give it to a friend to look after.
I feel like this is just capialising on people's privacy and security fears.
Helm provides an offsite backup anyway, so why not just use a NextCloud provider + Cryptomator?
And email is a nightmare to self host and maintain, especially for a primary address. If you need real secure communication just use something other than email.
If I'm drawing an analogy here, owning your server and hosting your own services is like having your own house and having a SAAS is like renting a house.
A lot of people want to own their house while too many service/hardware providers are trying to be your landlords.
This is a cool idea but I think having a mandatory subscription killed it for me. It does not even provide an illusion that I can still have my own services intact and running indefinitely no matter what happens to or at the service provider. This is especially crucial when you consider how much of a pain switching email is.
Do I move out of Google just to be dependent on another company that requires a subscription for the illusion of owning my data? On top of that I have to deal with all the hassle that comes with it? I don't think so.
lots of marketing, not much substance here for me.
the manditory subscription with no option to avoid it is a 100% non-starter for me.
I would much prefer a documented method for seting up my own cloud cutout with a variety of providers then be stuck with whatever they choose and no way to change it to something of my own chosing, particularly with the cost of the subscription.
working on an open source version of these. called the Calliope Muse+ - it should be available for pre-order soon. if you want a non-subscription option
If I could reliably transfer my gmail legacy freebie grandfather thing account without it taking 7 to 11 days of API rate limited transfer at 100% luck, I would get my email out of there. Alas.
A workaround is to set up a desktop email client - allow it to fully sync, then use the desktop email client to export your email and import to another account.
Google rate limiting and restricting access to your own data is pretty awful. They are similarly terrible about OAuth permissions for 3rd parties - some companies are allowed to export data on behalf of customers while others are not.
I think I'm the target market for this - I run my own cloud on a personal server in my closet. I've been thinking of replacing it with something more compact, so Helm looks great. However, I would never buy this considering the mandatory $99 subscription service. It's too expensive for what it provides, the device price isn't properly subsidized to make up for the high subscription cost, and I might not even want to self-host mail but do want the other services.
@gsreenivas - Congrats on launching an useful service.
Is it still true that whenever we provision a new user they have to be physically present near a Helm device? Parents living elsewhere, and so are kids.
How does the pricing work if someone owns their domain already and prefers to keep their registrar? Is the cost still 99$?
This may make an interesting alternative for small businesses (10-20 employees) who prefer private storage and email addresses. Do you have any feedback for customers looking to use it as such?
> The architecture of the system has been designed so that it's not possible for Helm to access your emails. Email senders now support sending emails over an encrypted SSL/TLS channel where the email is only decrypted once it reaches your personal email server. Helm is not able to decode these emails because we don't have access to the encryption key. In the limited situations where the sender's email server doesn't send the email to you over SSL/TLS, Helm does not log or store these messages and therefore we are still not able to access them.
SSL/TLS is transport security, and email is inherently multi-hop, so this reads as bogus to me: each hop might use SSL/TLS but that doesn't mean the message content or metadata is end-to-end encrypted until it gets to my Helm server.
I don't know how this is actually implemented, but it would be possible to do this as described if the static IP provided by Helm just proxied all incoming packets directly to the personal server, without acting as a relay server at the SMTP protocol level but instead just being a dumb proxy. There's no reason that Helm would need to act as a mail hop at the SMTP layer or do TLS termination anyways.
The reason that the using the server's actual IP wouldn't work is that most residential IP ranges are responsible for mostly spam (so most outgoing email would likely be filtered), and some ISPs don't assign static IPv4 addresses to residential users (IPv6 would fix the later issue, but mass IPv6 adoption isn't going to happen for a while).
So, I'm highly attracted to the marketing (I work in the "personal server" market, mostly reselling NAS devices). Overall I'm a bit disappointed with the price per capability ($450 + $100 every year after that for a 1TB server from what I'm reading). But as one the first forays into what I feel is a huge upcoming market, it's fair to start at a premium price point as you experiment with different form factors/features/costs/etc.
I more personally lament the creeping buzzword-ification of "personal server" messaging. There's a burgeoning array of different underlying meanings for the terms "personal", "server", "own your own data", "full privacy", etc. It seems likely that terms like these will continue grow in popularity with adwords searches, so you can expect more companies and products to use this claim to sell a particular architecture with a potentially large set of technical trade-offs between various ideas of "server ownership".
Ultimately where I think the general trend towards "server ownership" will land, like all new important technologies as they get integrated into the rest of society, is with a company/product that best navigates a rather tricky balance between the affirmed value of "ownership" (et cetera) vs the individual's willingness to get their hands dirty with a slightly more sophisticated, but more robust understanding of the underlying architecture.
Put simply; the less the "end-user" knows about the fundamentals of their personal computing stack, the less capable they'll be when it comes time to reason about the right decisions for them regarding privacy, security, modularity, longevity, and the other various desirable properties of a personal computing stack that truly meets their needs (as parents, citizens, businesspeople, etc). The victor of this trend will be the one that best facilitates true "end-user" empowerment, with minimal gotchas.
I have a raspberry pi and tried to run something like this and it is just so much work. So I bought a Helm v2 and like it thus far for photo backup and my secondary newsletter email domain.
If there was a company offering an auto update OS service with nextcloud and email for Pi I would love to see it! Better yet if it tied to encrypted cloud backup/restore too.
Would love to see what documentation you have around both of these points. I have not seen anything that indicates the SoC for the Pi supports eFuse or any other OTP storage.
Great for laptops/desktops, horrible for servers. You would have to be present for the challenge/response on a reboot. Also, doesn't solve the secure boot issue. FDE w/o secure boot isn't particularly useful.
yunohost is a decent FOSS self-hosting debian-based OS, they even offer a free DDNS service/domain, a nice web gui to install apps/services and one can always ssh in and config manually
Looks really cool, but the subscription is a total dealbreaker. I might pick one up used a few years down the line if someone manages to load custom operating systems on it.
Considered this for home. Then asked myself, “what happens if they’re gone in five years? I’ll be looking for the next thing to replace this.”
If Google or Apple made something like this, I’d bite. However I don’t know who these people are, how much runway they have left, life expectancy of the product, and how open and secure this is.
I like the product, I understand the subscription, but I don’t get it when someone tries to sell « secure email » (looking especially at you, Protonmail). Email in itself is never going to be universally secure, that cause is lost to the simplicity and the federated aspect of the protocol, and it’s ok… just don’t try to tell me otherwise.
I currently use an Synology DS116, a small and simple NAS which I mostly use to backup my Mac via Time Mashine but I can't even find if this is supported on such a machine. It seems it is an NAS but without the being called a NAS, e.g. I haven't found anything about SMB or SFTP support.
No thanks, this wreaks of a monthly subscription I don't want that would result in unsupported buggy "hardware" in 10 years guaranteed. I'll keep my ZFS server with a text file reminding me how I configured it for now (since I usually forget after a few months)!
Interesting project! I'd feel much safer though if the server-side stack were available open-source to self-host. They can still offer the subscription for people who don't want to self-host.
It’s a hard drive that requires a subscription it’s no different than another cloud service, actually they charge you more because they require their hardware.
- the hardware looks okay
- the mandatory subscription provides value, but if the company folds, all the services go away and there's no instructions on how to set them up yourself -- at which point you might as well have bought an RPi with a preconfig'd distro.
- The selling point is "escape Big Tech" but the services are provisioned via AWS.
- The CEO is arguing with people here telling them that they are wrong about what they want.
- The owner doesn't have root access and Helm does. They promise that they can't look at your stuff, but of course they can.