How do you pay for Gmail, Google Maps, or Facebook?
You probably use these services, or similar ones, every day, and don’t think they cost you a thing to use. But really, they do—just about every web service that isn’t selling you something is selling you to someone else. Your data, whether that’s facts about you, pictures you share, places you go, messages you post, emails you send, or anything else, is being read by a machine (and sometimes humans) to figure out what best to advertise to you.
Google scans your emails to market products to you; it tracks your location when driving to show you where to pull over to buy things; Facebook analyzes everything you put on the social network to provide a complete picture of you to sell to advertisers. These online systems that billions of people willingly hand over their data to can be compromised—30 million Facebook users just had their accounts hacked. Why, exactly, are we giving that data away for free?
A new startup, called Helm, doesn’t believe we should.
The company has been toiling away in secret for three years working on its first product, a small personal server that anyone can set up in minutes to create their own private, secure email account. There’ll be no prying eyes, no one trying to sell you anything, and a slim chance of it ever being hacked.
Giri Sreenivas, the founder of Helm and a veteran of multiple security companies, told Quartz that he believes the email address is the cornerstone of our digital identities—we use it as our login for our banking, our utilities, our social media, our insurance—so it’s not something we should hand over so easily to large tech companies whose motivations may not match our own. He’s been running his own personal server for years, and his inspiration for setting up the company came after the 2013 revelations from Edward Snowden about how the US National Security Agency (NSA) was snooping on regular citizens’ data. Seeing how undervalued and over-examined our own personal data is on the internet, and how difficult it is to set up any sort of private server without technical chops, Sreenivas and his co-founder Dirk Sigurdson set out to change that.
“The Internet we were using in the early 90s looked very different than what our families are using today,” Sreenivas said in a blog post published today (Oct. 17). “We believed control needed to be returned to the people.”
The Helm server is meant to be as easy to set up as other modern internet devices—Sreenivas referenced the eero wireless router setup as an inspiration for his company’s work. He said the company had been working over the last three years to get the setup time down from four hours, to half an hour, to three minutes. Eero is one of the simplest products I’ve set up in recent years, but also not a particularly complicated device—an entire new server, on the other hand, would be a lot of work to set up. So I challenged Sreenivas to prove his device could be as easy to use for something that traditionally required someone with a background in IT to set up.As I found in 2015, this could cost you hundreds, potentially even thousands of dollars to set up yourself.
Sreenivas reset the demo device he had in front of me, and walked me through the setup process. I didn’t time him, but it was definitely closer to three minutes than four hours.
The device connects to a phone with Helm’s app installed over Bluetooth. Once connected, the device asks for access to wifi, you set up an administrator account on the device, and plug in the USB stick Helm provides. The server copies recovery keys for backups that are stored on Helm’s cloud onto the stick, which you’re then supposed to store somewhere secure, like a safe. The app then asks you to set up a domain and an email address—all of which is handled by Helm and included in the cost of the device, so there’s no need to hassle with hosting companies to buy a domain name and hosting space.
Once that’s set up, the device whirrs in the background for a minute or so, setting up its DNS records (or Domain Name System records, the files every server or website needs to be able to be pointed to the internet) and the domain, and then it’s good to go. Sreenivas asked me to send him an email to the address he just set up, and it worked: We had very easily set up a private server on the Quartz guest wifi network (sorry, IT department). He could now send me messages that were completely encrypted, under his control, and away from the eyes of anyone who might be interested in their contents. You can also import all your old messages from another service (like Gmail) so you don’t lose all your old contacts and correspondence.
The server is a pyramid-shaped device that’s meant to blend into the background of a home, not stashed away in some basement closet. Although the device only ships with a 128 GB hard drive, Sreenivas said his team designed the server to be expandable, as it’s meant to handle more than just email in the future. One side of the pyramid opens up to reveal a tray that can hold up to an additional 5 TB in storage, and the peak of the pyramid can be removed to reveal a USB-C port.
For now, Helm is concentrating on email, because Sreenivas sees it as so integral to our digital lives. But he envisions selling additional chevron-shaped objects that can slot on top of the pyramid to provide additional services or storage. In the future, the Helm could act as a complete private home server, offering storage for a family’s photo and movie library, or a media server that could be accessed remotely and securely from anywhere.
The only downside of Helm’s current setup is that you can’t use any webmail services, meaning you’ll be stuck using email clients like the Mac Mail app, Microsoft Outlook, or Mozilla’s Thunderbird. Sreenivas is exploring the option of connecting to webmail services in the future (so you can check your email on computers or phones that aren’t your own).
There are myriad guides online, old and new, on how to set up your own personal server, and how to do it for relatively cheap, but there aren’t many products on the market that aim to offer a ready-to-go, server-in-a-box setup like Helm. There may be others, but they’re not aimed at regular consumers, nor are they priced as such—the Anstle One private server, aimed at developers, starts at $800, and the setup process isn’t nearly as straightforward.
Helm’s server goes on sale for $499 today (Oct. 17) on the company’s website, which includes a year of services. After that, there will be an annual subscription fee of $99, which will include domain-management costs, cloud backups, and access to any future services Helm launches. Sreenivas said the device will ship in November.
There’s no guarantee that people will realize the value in their own data and their own private server—beyond, perhaps, Hillary Clinton. But in a time when so little of what we do online seems particularly secure, or private, perhaps there’s not been a better time to reconsider who has access to our data, and why.
“Free services online aren’t free,” Sreenivas reminds me.