Sure, but having been burnt by Keybase and others in the past, there's no way I'm adding another closed-source single-provide blackbox server endpoint to my daily routine.
While this looks like a really neat utility, I'll pass until there's a self-hosted option under a free license.
As one of the Charm co-founders, I think that's fair! That being said, others have asked us about this recently as well. I'll paste a reply I made the other day on Reddit:
Your concerns are well founded! I've certainly been burned by services disappearing...
It's a compromise to have a business model that allows us to develop Charm full-time vs. being completely open source. Our plan is to have a business model similar to GitHub: free and low cost services for individuals with enterprise hosting options (colo or hosted by us).
One thing that I think we should do is allow for a very easy export of all of your data. We can build that into glow and charm (vs. having to email us and ask for it or some other draconian option).
This is very much a 1.0 release of the Charm Cloud and one of the reasons we wanted to ship it early was to get feedback from the community and build out the features our users want. Your point is a great one that we should solve for ASAP. A glow export feature that spits out a .tar.gz of all your stashed markdowns seems like a great idea.
We're also open sourcing the libraries we use to build glow and charm, most of which don't require the Charm Cloud. We just made our TUI framework Bubble Tea open source for instance:
We also have a library for applying JSON stylesheets to Markdown called Glamour that is independent of the Charm Cloud (and currently in use in GitHub's cli):
Please consider having an open source self-host option and a paid cloud service. Many people (and enterprises) doesn't want to spend time securing and maintaining servers. If your company disappears there is the self-host option as backup. This model seems to work well for Ghost and Gitlab.
FWIW, I get the impression that they want to charge money soon. Keybase never really wanted to bother with that and the implicit SLAs that come with it? Charging money is a great way to actually guarantee it will be around for a while longer than your typical ad or VC funded 'free' service.
I feel like the major problem with E2EE cloud services is getting apps to adopt it. For example, I like bear editor, but I don't like their encryption model. I like standard notes & inkdrop's E2EE encryption models, but I don't like them as editors that much since a bunch of their energy is probably being consumed by encryption stuff. It feels like the engineers who make good UIs have a hard time doing well on the security standpoint and the ones who bother to make things secure have a hard time dealing with making good UIs.
I want something that the bear's of the world will adopt and then they don't have to think about E2EE anymore.
I've switched to Ghost for my business precisely to support this model. And since I don't want to spend time maintaining servers, I pay them handsomely.
Well-structured exports is certainly something that I think will make a lot of people more confident (and also a necessity if you intend to have first-class support for EU customers with any kind of individual identifiers, with GDPR and all).
I’d still put a dogfed (same as you run yourselves, possibly missing select enterprise-targeted features) FOSS self-hosted server version.
Look at Hashicorp for a great example of that this works in practice when you're targeting a techy audience!
I’m sure a lot of your potential customers are happy to pay exactly because they want someone else to take care of all the technicalities - and on the other end of the spectrum (and I’m sure you’ve thought of this already) you have the enterprises that for legal or compliance reasons simply have to own the whole stack - and there you’ll have free users providing back tutorials, documentation, bug report and the occasional PR that you’d otherwise have to do yourselves or neglect. Just food for thought :)
Thank you and sanbor for the detailed reply. I think it's really interesting. We can't promise anything now but it's definitely something we can look into. I self-host Sourcegraph and Gitea and enjoy the freedom (and can also see why someone would pay to not self-host).
This definitely goes both ways. I’d wager GP falls in the same category as I do in that Dropbox is not an option for them. Their security track record isn’t really stellar.
Encrypting the data before uploading to Dropbox should make their security almost irrelevant? The issue I have with these anti-cloud sentiments is that they more or less give a moat to the established players like OneDrive or Google Drive or Dropbox. There has to be a better way to reduce the risk of alternative cloud services.
That’s very valid nuance. But I also think that alternative cloud services can be successful without having to keep their server-side implementation closed and protected.
I absolutely agree that there’s a need for the middle ground.
I’d also say that I think nobody really cares if GH is running vanilla git, or which SMTP and IMAP server Fastmail is using; perhaps the important thing is that there exists at least one maintained fully API compatible open alternative, not necessarily 100% identical to the software run by the hosted, or even primarily developed or maintained by them.
(And, well, the insight that can be derived from metadata is not to be dismissed, so I wouldn’t agree on “almost irrelevant”)
I'm sympathetic to the idea that a company is going to be better at doing backups and maintenance than I am, but for the first point: it sounds like they're using the local machine's SSH key to wrap a symmetric key[1]. Unless you're sharing the same SSH key across all of your machines, this tool probably isn't very useful when switching between computers.
Edit: It looks like they generate their own SSH key instead of using an already present one[2]. So you'd presumably need to copy that to each machine that you'd want to use so that it can unwrap the real (cloud-stored) decryption key.
We actually issue a new Charm specific SSH key for you. We then allow you to link machines together with our `charm` account utility. The symmetric keys used to encrypt data are encrypted for each public key linked to your account so you can access your data from multiple machines.
Thanks for the explanation! Glad to hear you've thought out and handled the linking process.
Just out of curiosity: have you seen or considered age[1] for the symmetric pair? I've used it on a few projects where cryptographic flexibility wasn't necessary.
Major difference here is that GH (in terms of git repo hosting and interaction) have API-compatible free and open implementations - there’s no vendor lock-in (apart from the network effect if you count that, which I don’t)
While this looks like a really neat utility, I'll pass until there's a self-hosted option under a free license.
To each their own.