[uptown]

I'm less concerned about physical access to the device, but more concerned about third-party services like Mailbox increasing the number of attack vectors on your inbox. Mailbox has total access to your email account. Now somebody can either attempt to hack Google's servers, or Mailbox's servers. It's enough to convince me not to sign-up for their service since email provides the gateway to virtually everything else.

[jalada]

This. Why is no one talking about this massive elephant in the room? Mailbox wants you to trust it (and its employees) with (reversibly-encrypted? I haven't used the app but I don't know how it could provide all its features without this) access to and storage of your Gmail account and all your emails?! I barely trust Google with that.

This article just helps compound the idea that that trust might be a little misplaced....

[scrumper]

Mailbox was nice, but I dropped it after a week when your point occurred to me. As far as I could tell, the only reason it needed full access was for push notifications. There was no discussion at all of account security, and I just couldn't bring myself to trust them. There's no way one of the usual cutesy startup apologies would cut it here if they compromised my email.

I'm back to Sparrow now (which doesn't do push) and quite happy: Mail.app tells me I have a new message, then I process my emails in Sparrow.