Mailbox app, the email software that garnered a wait list some 380K long for its iOS premiere in 2013, has come to OS X in a limited public beta last week. Mailbox is really quite exciting. However, in doing some background research for a review on the app, I discovered something disturbing. It’s something that you should probably know about too.
Let me say some positive things about Mailbox first. We spend a lot of time on email. For many of us, email is a chore. It has gotten out of control and become unmanageable. Any solution that promises to revolutionise email, to simplify email, to make email fun again, we’re so going to embrace.
That’s exactly what Mailbox wants to do. Mailbox first launched with an iOS app. On the mobile, Mailbox sought to make it easy to act on your email through simple swiping gestures. The same ideas were brought to Android in in April 2014. OS X users now have the pleasure of testing out the beta. Some of the handy actions you can expect to pick from include the ability to file away a message to a later time. How often do you leave your email in your Inbox because you know you need to deal with it at some point, but just not now?
You can read plenty more other reviews of Mailbox on OS X.
When Mailbox first arrived on iOS, something not so great about it caught my attention. I didn’t care much about it then, because I don’t really use any iOS device. Sure, I have an iPad. But I don’t do email on it. I had pretty much forgotten about the issue, until now that I’m trying it out again on OS X.
The problem is this. Mailbox is not just an app. It’s a cloud service. It depends on the cloud to work. Let’s elaborate on this a little.
Let’s suppose your email is in Gmail or iCloud. Those are the only two email services supported by Mailbox at this time. You’d expect your email app to access Gmail or iCloud servers directly to fetch your email. Right? Wrong.
The Mailbox app actually talks to Mailbox servers. These are compute instances hosted in Amazon’s AWS. Mailbox servers then talk to Gmail or iCloud servers. Alright, to be honest, I don’t use iCloud so I can’t be sure, but I observed through watching the network traffic how Mailbox supposedly loaded my Gmail email account. The app did not talk to Gmail servers at all. They were talking to a bunch of Amazon AWS IP addresses.
Do you mind that Mailbox servers are actually fetching your email?
I don’t think Mailbox actually has your Gmail username and password. If properly implemented, there’s no good reason why they will need to keep your Gmail credentials for their servers to access your Gmail account. Access to Gmail can be granted to the app.
You can see in the Google Account Security page, how the Mailbox app has been granted permissions on the Gmail account. This is a good thing, actually, in the sense that Mailbox app has exchanged your username/password credentials for an authorisation token for future access to your Gmail account. You can revoke this authorisation at any time.
Account credentials are unlikely to be the cause of concern. It’s simply about the fact that your emails need to go through Mailbox servers.
This cloudy business of cloud services is often an issue of concern. If you use Gmail, then your email is in a cloud service. It’s already bad enough that Google, potentially, has access to all your email. Now with Mailbox, you’re also exposing yourself to Dropbox (the company that now owns Mailbox)?
Perhaps some people don’t mind that. Some people may figure that the benefits outweigh the risks.
I cannot appreciate how Mailbox has to implement its app in a manner that requires email to pass through their servers. Perhaps if they can share more details about how the use of their servers can offer some immensely useful feature that is simply impossible to do inside an app on its own, then I (or we) could better appreciate their design.
Furthermore, I’m concerned if Mailbox hasn’t made it quite so clear to users that the app is not just an app, but a cloud service that will read your email. To be fair, their Android Play Store page does say:
Mailbox checks your email from the cloud and delivers it to your phone securely.
I don’t quite see the same statement on their webpage.
Mailbox could be a real killer app if they could make it a standalone app.
View Comment Policy