We love the internet, social networks and the power it gives for sharing and social connections. When sharing something on Twitter or Instagram the whole world can see it and that is great!
What we don’t love though is that private communication has more or less turned into an open stream for companies and governments to listen into.
Companies like Facebook, Twitter, Apple and Google have been forced to open up their systems and hand out information about their users see trannyporn. At the same time they have been forbidden to tell anyone about it!
We’re building a message app where no one can listen in, not even us. We would rather close down the service before letting anyone in.
Secrets are only secrets if they are secret.
When will Hemlis be released?
The simple answer is, when it’s done. We will of course release it as fast as possible, as we want this ourselves! You can follow the development on our blog plus Twitter and Facebook.
How much will the app cost?
The application will be free but we will charge a small fee (via an in-app purchase) to unlock certain features. We do this to fund the continuing development and infrastructure.
Will it be Open Source?
We have all intentions of opening up the source as much as possible for scrutiny and help!
Will you release Hemlis on other platforms?
First is iOS and Android. Once we have accomplished that, it’s only natural that we expand to other platforms as well.
Is it really secure?
Yes and no. Nothing is ever 100% secure. There will not be any way for someone without access to your phone to read anything, but with access to your phone they can of course read the messages. Just as they can use any other app you have installed.
What kind of users are your target?
In short, everyone. One of the key points of Hemlis is to make the app as user friendly as possible so as to remove the high threshold that is usually associated with encryption software and services.
Your server only?
Yes, the way to make the system secure is that we can control the infrastructure. Distributing to other servers makes it impossible to give any guarantees about the security.
Why is Hemlis different from WhatsApp, Line, iMessage etc?
Our focus is your privacy so we are building everything from software to company structure to protect that.
Does Hemlis save every message on a server?
Yes and No. Messages will be stored on our servers until they have been delivered. If they are not in due time they will be thrown away (and you can send it again from your device).
Can I invest in Hemlis?
If you are talking about investing money for equity and/or control, no. To guarantee the safety of our users we can not accept any money “with strings attached”.
What technology will Hemlis use?
We are actually using the asymmetric encryption capabilities of Daniel J. Bernstein’s nacl or more specifically the libsodium implementation of it.
Why not use OTR?
We love OTR but it’s not really feasible to use in a mobile environment yet. OTR needs both parties to be online for a session to start, phones are not always online. So it would not work at all for offline messages.
Will you provide an API and/or allow third party clients?
At this point we don’t see how that would be possible without compromising the security, so for now the answer is no.
Can I e-mail you?
Yes, press(at)heml.is & hello(at)heml.is
Why the name?
Hemlis means “Secret” in Swedish. And .is is the top level domain of Iceland, a small but beautiful nation in northern Europe. The Icelanders are famous for data protection and it’s one of few top level domains that has proven that they do not cave in to pressure easily.
Who is doing this?
Hemlis is built by Peter Sunde (@brokep), Leif Högberg (@leihog) & Linus Olsson (@bonq).
Why are you doing this?
Primarily the leak from Edward Snowden made us understand that this is needed. We don’t want a world where everyone is monitored all the time. People have a right to be private and this is our way of enabling them.
Do you smell nice?
Yes, two of us do.