🤔 Frequently Asked Questions

How private / anonymous is Aether?

tl;dr

Aether's privacy features are designed for mainstream users. They will protect against corporate surveillance, and indiscriminate dragnets.

They will not protect against targeted attacks from nation-states, and they are not designed to.

As a qualifier to both maxims above, Aether is early-stage software. Do not use it for anything security-critical.

With all of the mention of Aether being a privacy-conscious app, it’s a good idea to define what that means, so that we’re operating with a known definition of privacy.

What does Aether try to achieve?

Aether’s ultimate goal is to become email, for mass communication. What that means is that it’s the most basic way to broadcast yourself, to find an audience, to find your own community, or to start one.¹ Email is the most basic way to reach out to somebody, Aether should be the most basic way to reach out to some people.

Just like email, it’s a protocol, and a network. For example, Gmail, Fastmail, Protonmail and others implement and share the same protocol, SMTP. Aether, likewise, is an implementation of the c0/Mim protocol.²

Why does this matter? It matters, because so far, all of the communication tools we have online have been owned by singular companies, due to the very lucrative network effects that can be harvested from exclusively owning one. There are shared protocols, for sure, but the vast majority of our mass-communications are not available for public access, to non-users of those platforms. This is unexpected, doubly so considering that owners of these sandboxes do not actually own any content within them. People could just … leave. Yet they don’t, because network effects are strong. That’s why these sandboxes are valuable.

This is not to say that this is not a good business model, or that the people who do this are evil. They’re not, they’re just executing a great business model, and feeding their families.³ There’s nothing wrong with that. This does take a little more from ‘the Commons’⁴ than acceptable, though.

So what do we do here? We need a viable alternative to exist, and for that, you just need to look at the news headlines about existing platforms, and that makes for a better case than one could ever hope to make. No need for preaching to the choir here.

How will Aether survive?

So let’s figure out how this works out. The technical challenge is one thing. But what’s harder is to make this continue to exist, that means it needs to be compatible with the way we structure our societies at this point in human history. That is, it needs to pay its bills. Not making so would make this swimming against a river; not only pointless, but also has consumed many a valiant children for naught.

On the other hand, you also need to make sure that the money needs to work in a way that does not corrupt. Obviously, the best way to make money is doing something else much more popular, barring that, the best way to make money from something in this space would be to make it closed, and optimise for that. But those are not interesting, those already exist.

What’s of interest here is a much harder challenge: keep this open, give out as much as humanly possible, and make it perpetual — by making it not reliant on personal sacrifices of its creators. It’s not a surprise that the projects that are best maintained, the most useful, are the ones that makes the effort of their creators worthwhile.

So where does that leave us? Ideally, Aether would be an endeavour that can pay for a small team to work full time on it — this is the best way to make sure that a project is there for as long as possible.

It is with the context of it-should-be-here-for-the-long-term the questions below should be answered.

Aether’s security model

Let’s think through this step by step.

• Aether needs to be a tool for the masses. This means, it needs to be exceedingly easy to use, and be accessible for the regular user.

• Any improvement to the privacy of an average user is multiplied by the number of people using the app. The most good in this respect can be done not via making sure it works for the expectations of users with extreme needs, but by making sure that it is as private as possible while retaining excellent user-experience. Good user experience brings a lot more folks to the yard than theoretically perfect security on paper.⁵

As a result, this is Aether’s security model: It’s designed for the average user who wants privacy. If you’re looking for an escape from corporate surveillance, or indiscriminate dragnets, it’s very useful.

Aether isn’t an app that tries to pitch privacy as one of its main features. Rather, it’s a communication app that can stand on its own merits, that also happens to come with excellent (qualified by the paragraph above) privacy.

What does it not do? A few things. For example, if you are explicitly being targeted by a nation-state, Aether cannot help you. If you’re doing illegal things, Aether cannot help you. These problems are out-of-scope. Not only it would make for a much different app, the ethics of serving these corner cases, for both good and bad, is a much different conversation and risk profile than the one under discussion here.

This might be disappointing to hear if you are a spy trying to avoid a nation-state that is specifically looking for you. However, there will inevitably be others that will rise up to that challenge, if they have not already. Consider supporting them.

A real world example

Aether comes with Tor support, but you have to configure it via changing the configuration files. Because if you need to use Tor, and you don’t know how to change configuration files, it’s very likely that you don’t know what you’re doing.

Not only that Aether does not primarily serve a user base that would require Tor as a pre-requisite for using Aether, it especially does not serve people who need graphical UI tools to configure Tor support — those are the people that are most likely to harm themselves due to misuse, and they’re much better served not using Aether with Tor, so that they don’t have an illusion of safety.

How does privacy in Aether work?

The privacy that Aether offers is statistical: when you post something, after it leaves your computer, it floods the network, everyone gets a copy of it from somebody that’s not necessarily you. As a result, no one knows which node posted it first. So posts have no IP addresses associated with them.

This means two things. First, the more people Aether has, the more private it becomes. The second is, if someone really wanted to find you, they would insert a lot of dummy nodes into the network, and start to listen. Some of those nodes would receive content earlier than others. With enough nodes and enough time listening, they can close in on the node that has posted it, bit by bit, and then end up in front of your house.⁶

Aether could make it so that this is much less likely. (That said, even Tor has a form of this problem.) However, this would make the user experience worse (in terms of latency, development velocity, or user-facing complexity), and it would not improve the privacy of the average user, only those that fall into the edge cases.

This feature might eventually come, in the form of onion routing. However, this is not a priority, since it does not improve the total ‘deal’ the average user gets.

Summary

Aether’s objectives are not only privacy: outside it, Aether aims to be a place that:

• is easy enough for the average user,
• with enough mainstream content that the average user will want to use.

Given these constraints, Aether will choose to increase the safety and security of the average user, versus those with extreme (i.e. targeted attacks from nation-states) security needs.

This is not because those extreme users aren’t worth protecting. It is because increasing the average privacy of the regular user slightly is a much more effective way to improve the overall privacy of the planet than improving privacy of a few by a lot.

As with anything in life, this is a tradeoff based on limited resources. There are other projects that make different tradeoffs, and if your needs are not served with Aether, you should check them out.

Lastly, do not use Aether for anything that is illegal in the United States. Given enough motivation (this applies to all other tools, as well), you will be found out. Aether is not designed for that use case.

¹ If you’re thinking of Usenet, I like your (real or spiritual) greybeard, and you’re my kind of person.

² If you know your way around email, this is the cheatsheet:

Aether backend =~ Postfix / SMTP. It's a MTA, that speaks c0/Mim
Aether frontend =~ Dovecot / IMAP . It's a graph compiler that structures raw data into human-readable content
Aether client =~ Mozilla Thunderbird, Mail.app, or Outlook

The current desktop app comes with all three. The mobile apps will come with only the frontend and the client.

³ Vast majority of people in Silicon Valley aren’t millionaires, they’re hardworking regular people like you and me, they go to work every day, work their butts off, and sometimes they get asked to also come in for Saturday.

⁴ The human intellectual output is exponential. The more you get exposed to different ideas new things, the higher quality the output you’ll produce, whether be it just quality-of-thought, writing, or something entirely else. If you restrict the availability of content outside your walled garden, then you’re taking from the Commons not just the content of other people you kept from circulating, but also its ‘interest’ — the second-order effects of that content that would have been.

⁵ Which, in practice, tends to be unusable for any real, practical purpose for anyone except select ‘enlightened’ few. A communication tool with perfect privacy that no one uses contributes exactly zero bits of privacy to the world.

⁶ You can mitigate this to some extent by using Tor, VPN, WireGuard, or some other tool that is explicitly only designed to secure transmissions.