[gsreenivas]

Using a hardware root of trust, secure boot and a Secure Enclave for managing keys used for full disk encryption, it will be very difficult to extract decrypted data from a Helm server. The keys never leave the Secure Enclave, they aren't available to the application processor or memory.

Most cloud-based email services hold email in the clear - we believe this means you don't really own your data. Encrypted email services have challenges around search, access via proprietary protocols and the risks of running highly sensitive operations in client-side javascript.

[lvh]

Hang on: are you suggesting cloud e-mail services don't use FDE?

[lolc]

They may but they also hold the keys.

[lvh]

I mean, sure? You can use encryption to get security and privacy features but "FDE" isn't it. FDE is more important for Helm but that's a problem of their own design: suddenly the e-mail is in a box in my kitchen and it's a lot easier to walk out with a box in my kitchen than it is to walk out with a drive from us-east-2a :-) For anything in the cloud it's a belt-and-suspenders/compliance thing.

[lolc]

How many people have access to drives in us-east-2a? Do you know? Can you verify?

Assuming the software works flawlessly (if it doesn't, it doesn't matter where it runs) you'll need RAM and storage access to recover the keys and the data. If you're in the cloud, you won't notice when insiders or state agencies take a peek. If the device is in your home, you can set it up so you notice.

It all depends on the threat model.

[lvh]

> How many people have access to drives in us-east-2a? Do you know? Can you verify?

AWS, like every non-clownshoes provider, is transparent about the security controls on its datacenters. It has those verified by independent third parties and auditors (for relevant compliance standards). They have published whitepapers and compliance/audit reports, and continue to.

The odds that someone compromises a Helm update and the odds that someone walks out of us-east2a with a drive are not in the same ballpark.

To reiterate, because somehow I'm in the "FDE is an important threat model!" corner: it is not. Walking away with a Helm is not the easiest way to read e-mail on that thing, especially not for an organization capable of dragnet surveillance in general.

[lolc]

> The odds that someone compromises a Helm update and the odds that someone walks out of us-east2a with a drive are not in the same ballpark.

Sure, but why are you comparing a software compromise against physical access? There are attacks that work against cloud providers which don't work against Helm. If somebody can compromise a Helm update they essentially got root. And that is a step up from just read access to storage.

Here's how I see it: There is a provider that runs my mail infrastructure. They can either run it on AWS, or host it at my home. If the data is in my home I don't have to trust Amazon. I still have to trust my mail provider ultimately, but using AWS doesn't improve on that.

[gsreenivas]

I'm curious about how you arrived at the conclusion that we are capable of dragnet surveillance. Connections to/from the Helm server use TLS end to end.