If you don't want to give full access to all your data, check out https://starthq.com. We do federated search from the client via an extension. There's also an API which lets you add support for any service you want: https://starthq.com/developers
We haven't been actively working on it for a while, so have been considering open sourcing it. If anyone is interested in helping out with that or has ideas as to how to monetize this, drop me a line (hello@starthq.com).
Have you also considered the Pillar Project's approach? They too struggled for funding, but I rather like the connection among blockchain technology, ICO funding, and personal data tools. I think the inversion of control that these efforts are seeking is what society needs in order to have a more healthy relationship with companies (and governments).
This would be such a nice app if it was local-only. Like, there's no reason for it not to be...
You could have the index created locally or even just do remote calls for search to the respective API's. There's really no reason for this to be cloud-based. Maybe access token synchronization, but in this case, I think setting up all accounts on each device I have once... wouldn't be much of a trouble compared to giving them access to all my storage everywhere.
You know, it's creepy for a single person too though. I know you're storing only metadata to build an index, but that is still a lot and I think for most it causes a big feeling of unease.
In my opinion your service would be great if it were fully-local. This would also open up the path to full-text search for documents, without being creepy. I'm not expecting you to do that for free of course, I mean as a paid product. (Haven't dug into your current pricing details)
That said, the need for something like this almost outweighs the cost. But I so agree w/ what you're saying. That was my first thought—uh—so. much. access.
Before I sign up, I'd want to know what's safe, where, and why.
Hey there, happy to answer any questions you might have.
Diamond's working to make permissions more granular and transparent with each release. Some quick points:
* we don't store the files themselves, only the metadata the service provides (e.g. file names, collaborators, paths)
* we don't store service passwords (authentication is handed back to the service itself
* we do on-prem installs for corporate customers and we'd consider a version of it for pro as well.
We take our first impressions on security and privacy very seriously. Happy to take some feedback on how we can improve trust.
Hi! Great reply - this is how you earn early adopters trust. At the potential cost of giving away your "secret sauce", I'd highly recommend being as transparent as possible about what you do and what you don't do to people's data. There's a huge need for your service, but as most of the comments here point out - be f'n careful.
> We take our first impressions on security and privacy very seriously.
This statement is unforutnately, NOT how you earn people's trust. Presumably your early adopters are technically inclined. Guess what, they don't care if you say "we take it seriously", they want you to show why you take it seriously. Furthermore, any large financial institution (for example) is going to say the same thing. Sure your sales guy says "we take it seriously", but you're not going to win any deals if you don't pass their security audit.
I'm also to worried about giving full access to my emails but I don't think that makes me a scared person. I think wrorrying here is perfectly fine and understandable.
isn't this an app like Rambox which is effectively a glorified web browser? That one at least only opens the web interfaces of the various chat and email applications out there right now, it doesn't store (or claims not to) any credentials itself. Doesn't need to either. I mean it'd have to implement authentication for all those services, which is hard to scale.
I think we're different from Rambox in the sense that we're not trying to emulate the in-service experience for many services in our own our app. Instead, the idea is create an access point to take you to the file, email or insight with less effort. As for authentication, that's handed off to the service a user is trying to authenticate (e.g. Google Accounts).
We haven't been actively working on it for a while, so have been considering open sourcing it. If anyone is interested in helping out with that or has ideas as to how to monetize this, drop me a line (hello@starthq.com).