CryptPad - use it, love ❤️ it, support it

It’s been another release day in our little team. Today we released CryptPad v1.7.0 (Hodag). The biggest new feature in this version is that when you create a /code/ pad, the default highlighting is in markdown syntax and there it is rendered in realtime while you type. Try it out by making a pad at cryptpad.fr/code.

In this release we also completed something much more important and central to the future of CryptPad. We finished our first version of the payment server which allows you to take a subscription and help support the work that we do.

Starting with this release we are now imposing a 50MB storage limit for our anonymous users and a 3 month expiration of pads which are not stored by a registered user.

Instant collaboration is the vision of CryptPad and we are committed to continuing to provide that and even providing 50MB of persistent storage for anyone who is willing to sign up.

For people who are ready to take the next step, we are now providing subscriptions which will improve how you organize your information while helping CryptPad to grow and improve.

Plans

  1. Personal (5GB storage, 5€/month ex. VAT)
    • This is best for an individual using lots of pads for collaboration and note taking. For the price of a sandwich you can stay organized on all of your devices while also keeping your privacy private.
  2. Standard (20GB storage, 10€/month ex. VAT)
    • For the price of lunch, you can have 20GB of storage, enough for not only pads but also for the soon to launch File Upload which will allow Zero Knowledge storage of files such as pictures and PDF documents. With the Standard plan you can add one more friend for free.
  3. Team (50GB storage, 15€/month ex. VAT)
    • If you’re ready to extend your usage of CryptPad to an entire team, we are ready to help you succeed. With a Team plan you get 50GB of data storage in CryptPad, plenty for files and pads. You also get to add five people to your plan and you get professional support available in English and French.

Our goal is to make the best collaboration tool available while still being unable to sell or leak your content. Help us succeed, helping you stay organized and help show the world that Zero Knowledge Cloud is possible.

For Admins

If you’re hosting your own instance of CryptPad, there are a few things you’ll need to do when you upgrade to Hodag. The limits code is still somewhat of a mess and while we get it tied down, you’ll need to do a bit of work to disable it.

First there is a serverside per-user storage limit defined in config.js You’ll want to set this to a big number like so:

defaultStorageLimit: Number.MAX_SAFE_INTEGER

Then there is customize/application_config.js. If you’re not familiar with /customize/, you can create this directory and then copy application_config.js over from the /customize.dist/ directory so it will not be overwritten. The server will try looking in /customize/ first.

Inside of application_config.js you’ll need to update the enablePinLimit line like so:

enablePinLimit = false;

If you’re using your own CryptPad installation in a business context, please consider contacting sales@cryptpad.fr for an on-premises support contract. You’ll get help with upgrades and early information about security issues.

What’s Next

In the coming months, we’re hoping to roll out text coloring based on the authors of the document as well as file upload for PDF and image embedding. Eventually we plan to add Zero Knowledge spreadsheets and workgroups for team collaboration.

You gotta log in

It’s been two and a half years since the first commit to CryptPad, we no longer have the hideous white and green color-scheme and we’re on our third URL format. More importantly we now have a CryptDrive with folders instead of just remembering a few recent pads in the browser’s local storage.

The success of CryptPad as a tool for organizing and collaboration makes us glad to be working on the technology, but our desire to avoid collecting metadata has lead to an unsustainable situation.

We can’t store data we don’t understand for people we don’t know

There has been a proliferation of pads which are not accessed after a while and we don’t know who made them or even what type of pad they are. We know that a great many of them are “test pads”, if for no other reason, because we made a lot of them. Eventually we will be forced to delete old data but we don’t want to delete anything important.

Starting a few weeks ago we implemented a system called pinning. When you are logged in, your browser tells CryptPad all of the things in your drive. We don’t know what’s in them but we know they’re important so we shouldn’t delete them. Right now you can log in to CryptPad, go to your Settings Page and click the Usage button to see how much data you are pinning.

We recognize many users of CryptPad would like to use it anonymously and we will continue to support anonymous pads, but soon they will begin to be removed from storage after 3 months of inactivity. We’ve also simplified the anonymous CryptDrive because we want to send the message loud and clear that pads in the anonymous drive are not safe from deletion.

So please register and log in, you’ll get 50MB of pinning quota with the full features of CryptDrive and you can be sure that none of your pads will ever be removed from the server.

Funding CryptPad

CryptPad started as a novel idea:

provide a means for people to collaborate on the web, without their data being exposed to the server that connects them

Since its conception as one developer’s hobby project, this idea has grown organically into a team of core developers, a community of contributors, and a growing number of people who collaborate with CryptPad every day.

How we’re able to do this work

CryptPad is a part of the OpenPaaS-NG project, which is funded by BPIFrance. As mentioned in our April 1st post, this funding only applies to 50% of our expenses. I joked that the other 50% was being covered by our new partners (the NSA), but in fact, the remainder is still covered entirely by XWiki SAS.

We have a fair amount of autonomy when it comes to deciding what features we will develop. With that in mind, however, there are some long term goals that come as a part of OpenPaaS, some that stem from XWiki, and some that come from feedback from our userbase.

We recognize that however people’s goals may differ, ultimately everyone with an interest in the project would like to see it continue to receive attention.

By operating as part of an established company that has a history of building open source software, we’re able to leverage experience and resources that would not be as readily available if we were to attempt to build the same thing in our free time. Our ability to solicit research funding means that individuals who wish to see the project prosper are not solely responsible for its livelihood.

Since the OpenPaaS-NG project is only funded until 2019, we’ve been searching for other means of funding. Until 2019, any additional revenue would serve to ease the load on our employer. We hope that by the time the project finishes, we will have solidified a stream of income which is stable enough to make CryptPad entirely self-sustaining.

Our new funding strategies

Many of the largest web companies operate by offering free services to anyone who wants to use them. They offset the costs of these services by selling user data to whoever will buy it, or by selling ad space to anyone who wants to sell to their market.

We’ve chosen not to pursue either of these options. Instead, we want to appeal to those who value the work we’re doing, and provide options for supporting it, so that we can continue to improve CryptPad. We’re willing to bet on a trend that other privacy-conscious enterprises have demonstrated, that people are willing to pay not to be a product themselves.

To be perfectly clear, we will continue to develop our code in the open. Anybody who wants to install CryptPad for themselves will still be able to do so. Additionally, the features CryptPad now offers will continue to be available under the current terms. Going forward, however, we will offer certain additional functionality as premium features.

CryptPad.fr hosts an ever-increasing amount of data. So far, this hasn’t been a concern, but as more people take interest in the project this won’t be something that we can sustain.

In many cases, people create a pad as a test of the software, and forget about it once they understand how things work. In other situations, people use CryptPad to collaborate on reports, code, or presentations. At some point, those projects are finished, and those documents are forgotten.

To address this problem, we’ve implemented pinning, which is a way of telling the server that you want a pad to continue to be available. Anonymous pads, that is, those which aren’t pinned by a registered user, are liable to be removed after 90 days of not having been read or modified. We believe this time is sufficient to distinguish valuable information from that which is safe to remove.

  • Pinning will only be available to registered users.
  • Pinning will take effect following our next release, on April 25th, 2017
  • Everything that is in your drive will be automatically pinned.
    • new files will be pinned once you add them to your drive
    • removing a file from your drive’s trash will unpin it
  • Unpinned files which have not been accessed for at least 90 days will be removed
    • effective July 24th, 2017 (90 days from April 25th)
  • Registration is free, but we plan to offer users a limited amount of storage space for pinning.
  • For additional storage, you’ll have the option of paying a modest fee for an increased quota.
  • We’ll have more information about pricing soon.

Support contracts for private installations

If you’ve decided to host CryptPad yourself, we fully understand. Like you, we use free software, and know the benefits of taking responsibility for your own infrastructure.

If you’re using CryptPad to host critical information, however, you might consider purchasing a support contract. We’re still figuring out the details of our support contracts, however, this approach has proven to be of valuable to XWiki’s many customers in the past. You can see an example of XWiki’s pricing here.

If you plan to use CryptPad for your business, consider that it might be more time and cost effective to have us install and configure everything than to learn to administrate it on your own. Otherwise, if you find that you’re comfortable setting everything up in a basic configuration, but you’d like help configuring your server to behave in a special way, we’ll be there to help.

If there’s a particular feature you’d like to see implemented within CryptPad, we’re able to dedicate development time to build it into the software in the best way possible.

Sponsored development allows us to build features to suit particular users’ needs. By integrating those features into the official, open source version of CryptPad, we ensure that they will be used by as many people as possible. This helps us refine those features to be even more useful for you, and ensures that they will continue to be supported well into the future.

What’s next

Since we announced our bi-weekly release schedule, we’ve tried to make sure that each release contains an exciting feature. This time around, we’ve had to set some time aside to implement pinning, as well as code for reporting the size used by any one user’s drive. We realize this isn’t especially interesting for most of you, but it will be necessary for some more advanced features which we hope to share with you soon.

By providing a quota system for our registered users, we will be able to offer encrypted file upload capabilities. You’ll be able to upload images, and embed them in presentations and pads, a process which has been somewhat difficult so far. Our decision to limit users’ upload capacity is intended less to make a profit, and more to limit abuse.

We recognize that disk space is getting cheaper all the time, and that cloud hosting services will be able to offer more competitive pricing. Our aim isn’t to compete with the giants in the cloud industry, but simply to finance our ongoing research into privacy-friendly collaboration. There is still much to do, but working together, we can accomplish great things.

Exciting news

Here in the research department of XWiki SAS, which you may know as the CryptPad team, we take our work very seriously. Each day of the week, we do our best to deliver features which will solve real problems for real users. For a team of three full-time developers, that means covering a lot of ground.

  • we correspond with users who report issues, to track down bugs and identify usability issues
  • we write a lot, and not just code, but also documentation, technical reports for our generous sponsors, and promotional materials so that more people can benefit from our software
  • we take risks every day, building systems which others might have dismissed as impossible…

Why we do it

We work to build new tools, because we recognize that the world around us is always changing. We know that our users navigate new challenges all the time, and we want to be there to help. Ultimately, we all share the same world, and we want to make the most of it.

We’ve put a lot of ourselves into this project, because we want to push the state of the art forward. While it’s a very small team that develops CryptPad directly, we couldn’t do it without the support of XWiki SAS, and their willingness to take the risk of developing new technologies. Currently, our funding covers only 50% of our expenses, but we’ve been confident that it would lead to better things in the future.

Which brings us to what we’d like to announce…

Our new sponsors!

We’ve been offering up new features, which you’ve been noticing, and others have noticed that you’ve noticed. Major industry players have taken an interest in what we’ve been doing, and they’ve decided to commit to the Zero Knowledge Revolution.

What this means

Our hard work has paid off! We’re going to keep working on CryptPad, albeit with a little more stability.

We’re really excited to be working with our new financiers who have historically had a somewhat “tarnished” image in the security community, but we feel that now is the time for us and the NSA to work together and make Zero Knowledge a household name.

A high ranking official who must for the time being remain anonymous, has said that Zero Knowledge is the future and improving our algorithms to use more unbreakable AES cryptography is a high priority.

Our team is going to expand from 3 full time developers, to 60. This is also going to give us more time to polish up some features we’ve been waiting to announce:

  • New serverless architecture, all you need to do is connect to the internet and the NSA will collect your data automatically
  • Total encryption, including metadata. Cryptpad will be completely anonymous, since it will be primarily offline, we won’t have access to information about your location or activity. We’ll be handing this off to the NSA’s best cryptanalysts and mathematicians.
  • Full text search on encryped data, using quantum homomorphic encryption. Find everything all the time, in real time, with friends or alone
  • We will slowly rewrite our codebase in Rust-lang over the next several months
  • We will offer a new service to recover lost pads. If you’ve ever sent the link to the pad in an email, the NSA will be able to access the pad for you
  • All of this is going to become available under the more permissive MIT License. It will continue to be open source, but we hope this will drive more adoption in the business sector, even among enterprises which adhere to the proprietary software business model

We’ve been preparing this deal for some time, but we haven’t been able to talk about it while it was still under negotiation. With most of that out of the way, we’re very happy to be able to finally share this news with you!

What is Zero Knowledge

We have gotten a lot of questions about the concept of Zero Knowledge, the vision and ethics as well as the exact meaning.

  • What is Zero Knowledge?
  • How can encryption in the browser be secure?
  • What about metadata?
  • Most importantly: How to know if a service is Zero Knowledge?

I wanted to write a blog post to clarify what Zero Knowledge is all about. Zero Knowledge has two meanings, it can refer to a Zero Knowledge Proof, an obscure mathematical construct with few real-world uses but it can also refer to something with a very real-world meaning: web services which encrypt your content so that they themselves cannot read it. You may be wondering how this can be secure when a web administrator can quietly change their site to an unencrypted version at any time. This is a real problem, there is currently no way to verify the content (and code) of a website, but we need not despair. Even though we cannot prove that a website is secure, we can check that they are promising to make themselves blind to your content and they make that promise knowing if break it they might get caught.

Security is probabilistic

Consider the security software you use every day such as your web browser with HTTPS, your phone and your computer’s operating system. Have you ever stopped to check that software for “backdoors” (intentionally inserted which break your security)? If you have then you are one of the tiny group of heroes who dedicate their time to making the world a bit more robust and I salute you for it. If you’re like the rest of us, you just hope that the authors of that software were honest enough and protective enough of their reputations to avoid inserting a backdoor when it means potentially getting caught. Zero Knowledge is based on the same logic, just as software makers can surreptitiously add a backdoor to their software, Zero Knowledge websites can serve a backdoor to the user. However, just as software makers who insert backdoors in their software risk getting caught, Zero Knowledge web app providers who insert backdoors in their website also risk being caught.

The metadata question

Metadata is a serious issue. Former CIA director Michael Hayden said of the agency: “We kill people based on metadata”. I don’t want to belittle the importance of data which is not the actual content, but at the same time we must recognize that there is a huge uphill climb fix this issue. While the CryptPad project tries not to collect metadata when it can be avoided, we also recognize that other cloud providers may collect more or less metadata than us in order to provide their services. Fundamentally, we accept that a service qualifies as Zero Knowledge as long as the content is protected from the server operators. We are committed to studying ways to develop new, more secure solutions to the metadata issue but the spirit of Zero Knowledge is about more ethical solutions which are immediately actionable.

How to know if a service is Zero Knowledge

Zero Knowledge is about trust, nobody can read over and verify all of the code of all of the Zero Knowledge services available, but there are some heuristics which you can use when choosing a service.

1. Is it primarily Open Source ?

Services which are primarily Open Source are easier to evaluate both for accidental security mistakes and for potentially nefarious behavior. Furthermore, when a company commits their software to Open Source they make a statement that they are in the business of being an ethical provider for the long term and are not just riding the wave of a popular term.

2. Were you warned about losing your password ?

True Zero Knowledge services must protect your data from themselves using something you know and they don’t, such as your password… In the event that you lose your password and you are using a true Zero Knowledge service, your content will be inaccessible to you and to the service - the locks that keep them out will keep you out as well. Check for this warning.

3. Does it claim to be Zero Knowledge or End-to-end Encrypted ?

This is perhaps the most important question, because when a service provider makes the public statement that they are Zero Knowledge, they show they are prepared to risk their reputation if they are discovered to be storing your content in a way they can access. Some Zero Knowledge providers prefer the term End-to-end Encrypted which has gained significant popularity with messaging apps. There is no functional difference between a Zero Knowledge application and one which advertizes End-to-end Encryption.

Talk to us

CryptPad is developed by a team of 3 people with generous financing from BPIFrance through the OpenPaaS::NG Research Project. Our mission is to make Cloud Computing more ethical by promoting Zero Knowledge Cloud Services and show young entrepreneurs that it is possible to make a living while being ethical with peoples’ data. Meet us in our IRC/Matrix channel on Freenode and at: https://riot.im/app/#/room/#cryptpad:matrix.org