Star now comes with 50 GB instead of 15, and the price is the same. Use code for 30% off your first 3 months - limited to the first 10 people. Get started
Company News

Hi, we're Aster. Here's what we care about.

Hi, we're Aster. Here's what we care about.
Findley Lucas
Findley Lucas
Share:

At Aster, we are a small team building an end-to-end encrypted, privacy-first email service. This blog post will tell you about our mission and our core values. You’ve probably read hundreds of these before, so we will skip the part where every company swears it values transparency and trust in innovation. You know those words are easy to type, but what’s hard is showing what we did when keeping them got expensive. That’s what we want to do here instead.

The following will include our mission and five points that we assure you we will not trade away, with the receipts attached. Whenever we make a claim, we will point you to where you can go fact-check it for yourself, and we’d honestly rather that you did.

Our mission

We want to make privacy the default and accessible to everyone for free, not a privilege. Aster is an email for a freer internet, allowing you to speak without censorship. The tools are open to everyone, and there is no company or government agency that gets to sit between you and your own private life.

Here are some things that bug us. For most people, “private” email today just means picking whatever company gets to read your mail. You can leave Google for someone smaller and friendlier, and you will feel a bit better. In all honesty, nothing has really changed. You just gave all of your emails to a different corporation, and surveillance and advertisement are still the business model.

We think that you deserve better than that. Real privacy means the people running the service should not be able to read your messages, even if they were compelled or wanted to. It means the encryption protecting you is built on open standards that will outlive any one company, including ours. It also means that you can walk out the door and export everything whenever you’d like, because a service that traps you inside their ecosystem never really understood what it was supposed to protect.

That’s the internet we’d love to help build a small, honest piece of, and we’d love for you to be part of it.

What we won’t compromise

This is not just some wish list for PR, they are statements that we have already discussed that we are going to hold. Sometimes, holding them costs us something.

Privacy is a right, not a given

A lot of security tools are only secure if you know what you’re doing and you’re an expert in the field. You get handed a pile of settings and a quiet warning that it’s your fault if you mess something up. We do not agree with that, nor do we think that’s fair to you at all. That should be on the company, not you.

If staying safe with Aster takes a tutorial and then a leap of faith, then we have not finished our work yet. Safe and secure should feel like the easy path, not the brave and treacherous one.

Security that’s just easy

Most security tools are only secure if you’re an expert in the field. You get handed a pile of settings and a quiet warning that it’s your fault if you pick wrong. We do not agree with that, and we don’t think that’s fair to you. The hard part of encryption is our job, not yours.

If staying safe with Aster takes a tutorial and then a leap of faith, then we have not finished our work yet. Safe and secure should feel like the easy path, not the brave and treacherous one.

Open, because you shouldn’t have to take our word for it

This one is closest to our hearts because we know what you have been through. The privacy world is full of promises that never hold up. No log services that actually ended up keeping logs. “Privacy-first” companies running the same old data machine underneath the service and not telling users. People have been let down enough times to live by a good rule: do not trust and verify.

We think that rule is exactly right, so we created Aster so you can actually follow it to the T.

The whole point is open source under the AGPL. You never have to take our word for it because the code does it for us. You or any friend you trust can read every single line of our codebase and audit it yourself. We also publish a transparency report and a signed warrant canary, You are able to see exactly what government requests we have received and confirm that the document is current rather than pre-written and fake. We are also going through a formal third-party audit, with the results being published publicly whenever it’s completed. Whatever they say Privacy you can’t check is really just a false promise, and you’ve got more than enough of those already.

No locks on the door

Your keys and your data are actually yours. We use standard OpenPGP, so your keys will work with GPG, Thunderbird, and any other PGP client out there. You can always pack them up, export them, and leave Aster entirely whenever you feel like it.

We could have built a private protocol that worked only inside our services, and it would have been easier for us to control and maintain. Honestly, it would have quietly trapped you, because leaving would mean leaving your keys behind. We decided we did not want to do that to you. Lock-in is one of the most reliable growth tricks in software, and we would skip that, rather than own you once.

We answer to users, not investors

We are a fully bootstrapped company with zero venture capital funding and no board pushing us for an exit. We do not have an acquisition that we are planning to reach, and we are not going to apologize for being a small startup, because being small is exactly what lets us keep every promise that we make. There is nobody sitting above us quietly pulling the company in the other direction. The only people that we have to keep happy are the users and the people that we are protecting.

So, come say hi

That is Aster. Five values in one single mission and a track record that is still short and being built, but already tested in public. We would always rather show you what we did than just tell you what we believe. Everything up there points at something real that you can go verify:

  • Code that you can read and audit
  • Keys that you can export and take with you
  • Nobody above us pulling the strings to point us in a different direction

If any of this sounds like your type of thing, we would genuinely love to have you as one of our users. Whether you just want to use Aster, help build it, poke around and tell us what we got wrong, feel free to: read the code, audit the encryption, watch what we do next, or just watch our track record be built.

That is where you’ll find out whether we meant a word of it. We think you will be glad that you looked.

Share:
Findley Lucas
Findley Lucas

Founder and CEO of Aster Privacy.

Related posts

Our code audit, and the fixes
Security

Our code audit, and the fixes

Our code audit, and the fixes
What does "end-to-end encrypted" really mean
Engineering

What does "end-to-end encrypted" really mean

An exact list of what Aster Mail encrypts on your device, what our servers can still see, and an honest explanation of why each piece of metadata exists.
How Aster encrypts your email
Engineering

How Aster encrypts your email

A complete, honest look at how Aster encrypts your email — from key derivation and post-quantum protection to the metadata we store in plaintext and why.