What is Qabel?

  • The Qabel concept is an ecosystem for true data protection. It is a free, extendable platform with published sources which conceals the data and, in particular, also the metadata from everyone except the user themselves - notable from the service provider.
  • Who communicates when and with whom, who exchanges data, who uses a Qabel service — all of this ideally remains concealed even from us, the service provider. As a result you don't have to trust us as a provider since we can't pass on to third parties what we don't know. We're not at the end of the journey yet; metadata obfuscation is constantly being improved. You can find the actual current status here
  • Other Cloud providers & Co. normally only offer plain transport encryption for upload or download or the host for the data has a master key and can therefore be compelled to allow access to user data in accordance with §110 of the Telecommunications Act. Here, there is no other solution than to trust the provider since interception of your data per se is possible.
  • We believe that it is wrong for people to have to trust a service provider. If you look at the legislation being discussed in Germany and in other countries, and also at the intelligence services' abilities to tap centrally stored data, which have become open knowledge since 2013, the service provider can have the best intentions — but you simply can't trust them.
  • That's why Qabel carries out the encryption entirely on the client side and leaves it in the user's hands. This means that complete encryption and decryption occurs exclusively on your own devices. Our users' data appears on our servers and online as just a meaningless stack of bits which no-one can even begin to make anything of.
  • You don't have to trust us. The technology which Qabel is based on and its functioning are a provable fact. Our source code can also be looked at here. No other service provider can currently offer you that in this combination.
  • Qabel has set itself a variety of challenges when it comes to technology, licensing and monetisation and offers private individuals, open-source developers and companies the opportunity to make the platform their own.
 back to top

What can Qabel do?

  • "The Internet" could run on Qabel. Theoretically, there are no services which wouldn't function via Qabel.
  • To date, only a few services such as data sharing, file synchronisation, simple messaging and address book are built-in. However, Qabel is a platform which supports any services. We have many more services in the planning stage – but we are always listening very closely to what people would prefer to have next.
  • Standardised protocols, such as email (IMAP/SMTP), calendar (calDAV) or contacts (cardDAV), can be provided as transparent applications through the concept of the so-called Qabel Bridgehead. This means that you can simply continue using your usual programs once we have reached this stage. Your calendar app on your smartphone, your email client (e.g. Thunderbird or Outlook) on the desktop — everything is converted, encrypted and forwarded through Qabel in the background.
  • Once we have reached this stage, it will be possible to connect to the same functionality using Qabel instead of Google on an Android smartphone, for example. Your data thus remains private and not in the Google computer centre. Finally, a phone with Qabel connection, so to speak.
 back to top

Who is behind Qabel?

  • The original idea was expressed at the beginning of 2011 during the course of a team meeting at the data protection company praemandatum.
  • A consortium which combined all of the necessary skills (technical, ethical and, in particular, legal) was rounded up. For patent troll reasons among others, a new company, Qabel GmbH, was founded. The shareholders are:
  • praemandatum GmbH 21%
  • Peter Leppelt 7.5%
  • Benjamin Schütze 7.5%
  • Christian Zuckschwerdt 6%
  • prioeins management consultants GmbH 7.5%
  • Kirsten Ackermann-Piëch 12.5%
  • Peter R. Ackermann 12.5%
  • Hannover Beteiligungsfonds GmbH 25%
  • hannover innovations fonds GmbH 0.5%
 back to top

Where does the name "Qabel" come from?

  • As an analogy: the system does little more than a good cable - it conducts your data to exactly where it belongs. No more and no less.
  • "Qabel" is also the Maltese word for "ahead of", "before" and also indicates when the encryption of the data takes place — namely before upload.
  • And in truth is comes from "qab lj", Klingon for "hard to intercept". 
 back to top

I want to support Qabel. What can I do?

  • If you are a programmer: here is the source code.
  • Our Bitcoin receiving address is: 1Ca7AqsotQYjVzN86QLbf6Cj52zDxRQFus
 back to top

Why wasn't there anything obvious like Qabel long ago?

  • There are many, predominantly historical, reasons for this; the Internet is a growing system which originally had a completely different focus.
  • However, one aspect is certainly that, paradoxically and despite recent events scarcely a single company or organisation had any interest in developing such a system:
  • Companies such as Google or Facebook make their money using their users' data — so they have very little interest in enabling the users to conceal their data.
  • Companies like Apple want to exercise content control on their customers' devices (amazingly high amounts of content, apps or ideas disappear from the Appstore for staggeringly non-transparent reasons). With a system like Qabel, this would no longer be possible.
  • Security companies and anti-virus producers have a very different focus and would also be cannibalising their server-based products (encrypted stacks of bit cannot be scanned for viruses).
  • Large telecommunications providers such as Telekom are often still heavily influenced by the government as a result of their history. The interest there in obfuscating communications data is naturally limited.
 back to top

Won't this support terrorists, paedophiles and copycat hold-up murderers?

  • No.
  • Why not? 
  • Dangerous terrorists aren't stupid, otherwise they wouldn't be dangerous. Encryption methods already exists and are accessible to everyone (if somewhat cumbersome to deal with) - terrorists thus already have the ability and make use of it. Only the other people can be monitored using the blanket surveillance measures which do not work on Qabel. Those who don't actually have anything to give away. 
  • Targeted surveillance is still possible (through infiltration of one of the devices belonging to the subject of the surveillance, for example). Then, it is simply necessary to turn back to something which executives nowadays appear to no longer consider: a constitutionally justified initial suspicion and police work. 
  • These topics are disputed to the greatest possible extend at an ethical and professional level. If you want to read more about it, we recommend the following starting points: 
  • Digitalcourage
  • Chaos Computer Club
  • Forum InformatikerInnen für Frieden und gesellschaftliche Verantwortung (FIfF) 
 back to top

Is Qabel completely secure?

  • No.
  • No system — whether analogue or digital — is 100% secure. Anyone who has ever told you differently is either untrustworthy or is a charlatan.
  • Qabel is as secure as is possible with the latest technical knowledge and to the best of our knowledge and belief, but only if you adapt it for your devices.
  • The realistic option for intercepting data from a Qabel user is through infiltration of the client.
  • The passwords and private key are in your hands - make sure to take care of them!
  • You can find useful tips here.
  • Very important: never install a Qabel client from an untrustworthy source. Versions officially published by us can be found here.
 back to top

But encryption doesn't work — the NSA can still read everything too!

  • Unfortunately, that's what has been spread by some mass media. It's wrong. Encryption per se is not insecure.
  • There are two methods of cracking encryption: computing power and/or backdoors. The NSA uses both.
  • If you close the backdoor and the encryption is good enough then the NSA is kept out.
 back to top

What good is it all, then?

  • We believe very strongly in things like the rule of law, citizens' rights and human rights, freedom of expression and the right to freely form an opinion.
    To quote a few fitting things on this subject:
    "It is alarming that almost no-one knows what data concerning them is saved. It is of the utmost concern that almost no-one knows who already has this information. On the other hand, it is not alarming that only a minority guard against this. That is cataclysmic." (Götz Hamann, Marcus Rohwetter, DIE ZEIT, 48/2004)
    "Freedom isn't given to you - you have to take it." (Meret Oppenheim)
    I am of the opinion that the problems of the world and mankind cannot be solved without idealism." (Helmut Schmidt)
    "Eavesdroppers seldom hear anything good of themselves." (saying)
    "I do not agree with what you have to say, but I will defend to the death your right to say it." (Voltaire)
    "They who can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety." (Benjamin Franklin)
    It isn't our top priority, but of course we also want to make money.
 back to top

What happens if Qabel GmbH suddenly goes bad?

  • We have built in several safety mechanisms:
  • If Qabel is sold or goes bankrupt, then the latest version will remain available in the source code. It can be used and further developed by other people at their discretion.
  • The patent will be given away to a non-profit institution upon receipt which will make it available with legal certainty to non-commercial users or programmers. Our agreement is not required for this.
  • The statutes of the driving company, praemandatum.
 back to top

I don't care what other people know about me.

  • That's fine by us. We simply offer another option which has previously been completely lacking.
 back to top

The Qabel servers are not actually (just) in Germany.

  • Correct. The server location is completely irrelevant for security, making the idea of a "Germany or Schengen network" completely absurd besides. Such an approach wouldn't help at all.
 back to top

Does Qabel participate in any association such as BITKOM or eco?

  • No, and this will remain the case
 back to top

Is Qabel in dialogue with politics?

  • No
 back to top

Why do we embed videos from YouTube?

  • We spent a long time searching for a video provider which does not track its users (even against payment), but were unable to find any. Self-hosting is out of the question for technical reasons. As a result, we opted for a YouTube 2-click solution.
 back to top

What does "lazy unsharing" mean?

  • The sharing of an object is immediately rescinded by the owner. The object which has already been uploaded into the Cloud is not uploaded again as a result of the changed sharing information, only the metadata is changed. The benefit is that this only results in marginal traffic.
 back to top

Can others also offer Qabel?

  • Yes, quite happily.
  • To do this, providers/hosting providers should simply get in touch with us. [LINK to Qabel provider]
  • Private individuals or organisations of any kind can offer free Qabel connections at any time free of charge.
 back to top

Can the respective users of different Qabel instances talk to one another?

  • Yes. Qabel is explicitly decentralised. It doesn't matter where you have your Qabel connection — you can communicate with other Qabel users. This prevents a single firm or organisation from monopolistically saving all of the data. Although these are fully encrypted anyway, they nevertheless remain independent.
  • If you as a company or provider require a closed user circle, please feel free to contact us.
 back to top

I am a business or a software developer and want to develop a service which is based on Qabel. Do I have to pay for this?

  • If your project will be free software: no.
  • If it will be a commercial product: probably. Simply get in touch with us - the conditions are very individual and fair.
 back to top

Why will I have to pay for Qabel in the future? It is available for free elsewhere.

  • No, it's not available for free elsewhere. Others pay with their data at the very least.
  • The non-commercial use of Qabel services is and will remain free for everyone. Only storage, hosting, back-ups and other optional services will incur a charge in the future.
  • Because we don't make any money from your data (can't and don't want to) and we need to support ourselves.
  • Things like "E-Mail made in Germany", De-Mail" or "E-POST" simply offer transport encryption. This means that the data is still available unencrypted on the providers' servers and can be used, stolen or surrendered accordingly.
 back to top

What's to stop me installing the Qabel server software at home and using it to make money?

  • A patent for the system has been applied for and we will react in line with this.
  • The system has been published under QaPL. Commercial use without consent is prohibited.
 back to top

I've lost my key. Can the service provider or host recover my data or reset the key?

  • No.
  • We recommend keeping the private key and the password in a very secure place, for example in an encrypted file on a USB stick in a safe deposit box.
 back to top

But the key is really gone. Please make an exception for me and resend it to me.

  • That really doesn't work. It's not physically possible.
  • If we were able to do that then everything written above would be a lie.
 back to top

How does it work with the license?

  • Qabel is subject to the QaPL, a license with published sources developed in-house. The QaPL is not classified as a "free software license" or an "open source license" according to the Free Software Foundation (FSF) or according to the Open Source Initiative's (OSI) standards. Unfortunately, we haven't yet found a term which the FSF likes, so we are still dithering somewhat over the wording.
  • We opted for this in order to make it possible to push the project forward in the long term and at the same time guarantee the greatest possible degree of freedom.
  • In short:
  • The QaPL is inspired by other free licenses but:
  • Prohibition against use by the intelligence services and military.
  • Prohibition against monetisation of this platform by third parties without consultation.
  • Purpose:
  • Anyone (except the dark side) can use it, host it, offer it to others, modify it, etc. at will.
  • If money is earned as a result, we want a slice of the pie.
 back to top

Why not completely publishing it under the OSS license?

  • The estimated annual budget of the NSA is round about 10.8 billion US $. We and other civil rights activists have to compete with them. 
  • Since the OSS license failed to do so over the last years, we are trying a different approach – as open and trustworthy as OSS but with a new and maybe even more reliable business model. 
  • Another important aspect is that we don’t want our platform to be used by the dark side. OSS licenses give us no tools to prohibit the use of our work by the military and intelligence services.
  • …and for you as a person it simply doesn’t make any difference since you are having the same rights and liberties. The only difference: We have a chance to survive and provide the project on the long run.
 back to top

Why the conditions? Why not simply closed source?

  • Encryption software for which the source code is not completely open is, by definition, insecure since backdoors cannot be ruled out.
 back to top

Why is the Qabel source code not simply open source but use is prohibited?

  • The aim of the project is to make encryption in the network almost obligatory. We want encryption to be the rule and not the exception. This is the only way to prevent mass surveillance at the press of a button in the style of the NSA in the future. Ideas such as "voluntary commitment", "Schengen networks" or simply hoping for improvement simply won't work.
  • Consequently, this platform needs to be used by as many people as possible, which in turn depends on how good it is and how many services and programs based on it there are. To this end, plenty of people have to want to develop for it. This simply provides that legal certainty for open source developers who can't be dependent on the day-to-day moods of a company.
 back to top

It's patented? But the patent system is broken.

  • Agreed.
  • We will give the patent away to a non-profit organisation, initially in trust to Meinhard Starostik
  • The idea behind this is: 
  • we consider this to be a good thing which should be available to everyone. For this reason, we chose a license which is as free as possible. 
  • Truly good things will only be achieved if many people work together on them. We are big fans of open source
  • However, experience shows that an organisation must stand behind a project to push it forward. Many OSS projects have already perished for lack of this. 
  • We can only do that if we are earning money. 
  • OSS developers, on the other hand, will only participate if they have not surrendered, for better or for worse, to the vagaries of an individual company. Who really knows whether we might not unexpectedly make our code closed source tomorrow, making all their work for nothing as a result? 
  • That's why we offer legal certainty with the transfer of the patent. The software and the system are and remain free. Anyone can use it, anyone can modify it, anyone can pass it on. We reserve only the right to make money with it for ourselves. 
  • We consider this to be a good path for everyone involved. 
  • We want to prevent something like this.
 back to top

What form does the overall architecture of the Qabel platform take?

  • The Qabel platform differs from conventional architectures in particular in the fact that the "intelligence" is not found in our server back end but is rather on the client side in the form of "smart clients". One advantage of this, among other things, is that this already conceptually allows for more security and privacy in the overall system.
 back to top

What components make up a smart client?

  • The client has a modular structure and consists of several components. The largest component is called "Qabel Core". This implements all of the platform-independent functions (the back end in the client, so to speak).
 back to top

What programming language is the code for the Android and Windows clients written in?

  • The following applies for the largest component in all Qabel clients, the "Qabel Core": this component is developed in Java since we offer native Android apps among other things. The core is independent from the actual client operating system.
  • The following applies for the different client devices:
  • The Android apps are developed with the help of the Android SDKs.
 back to top

What programming language is the code for the back end systems for the Qabel platform written in?

  • In the server area we use Python as our language, PostgreSQL and Redis as the data structure store.
 back to top

What is the Qabel encryption based on? Is a private-public key used?

  • Qabel uses a combination of symmetrical and asymmetrical cryptography. For this, we rely on established standard algorithms (256-bit AES-GCM or curve25519 for the asymmetrical cryptography). "Noise" is used at the protocol level, which fulfils out anonymity requirements since the encrypted protocol message does not expose any metadata.
 back to top

What duration/runtime is currently planned for the public beta version?

  • The public beta has no fixed runtime.
 back to top

What underlying technologies are used for the accounting server?

  • The components in the accounting server are Django as the web framework in combination with a PostgresDB.
  • Here you find the repository.
 back to top

What underlying technologies are used for the drop server?

  • The components in the drop server are Django as the web framework in combination with a PostgresDB.
  • Here you find the Repository.
 back to top

What underlying technologies are used for the website for the initial registration of Qabel accounts?

  • Registration occurs via a website by means of Jave Script, from the user's browser directly to the Qabel accounting server.
 back to top

What metadata arises during use?

  • When Qabel appears in version 1.0, the server operator can simply see the total size of the verifiable storage (quota).
  • Therefore it gets much more difficult to see who is communicating with whom, from where to where or for how long. Both telecommunications data retention and personal information disclosure are practically cancelled out as a result.
  • Furthermore, it also gets much more difficult to see what service is being used via Qabel. The server operator simply sees that it's Qabel, not whether chat, sharing, calendar or whatever else is being using via Qabel.
  • The latter is particularly interesting in a widely spread system. It is then no longer possible for the government to block certain services. You have to turn off the whole network.
  • In addition, the provider is virtually compelled to provide net neutrality as a result - it can no longer favour certain services.
 back to top

Precisely how does the encryption for Qabel work?

  • The encryption and decryption follows the principle of asymmetrical cryptography. Qabel performs all of the necessary steps automatically in the background.
  • The following scenario illustrates the process which runs automatically in the background: Alice wants to exchange data with Bob, so she first asks Bob for a so-called public key which he sends to her in a secure manner. The public key can be represented as an open padlock. With this lock, Alice can now secure or — correctly expressed — encrypt the data. And since a lock only closes, and doesn't open, Alice can no longer decrypt the data herself. Bob has kept the key to the lock, the so-called private key, and has not shared it with anyone. As a result, he can now decrypt the encrypted data from Alice. In the event that Alice wants to use Qabel as storage for her own data, she keeps both the public and the private key to herself.
  • For insiders: for large quantities of data which you want to share with multiple people, symmetrical cryptography (AES256) is used. As for PGP/GPG, only the key is asymmetrically encrypted here.
 back to top

For which operating systems are Qabel clients available? For which will Qabel be available in the future?

  • The Qabel Box beta starts with an app for Android Mobile from version 4.4 on and for Windows-Desktop from version 8.1 (32-/ 64-bit).
  • We are planning on supporting other operating systems like iOS, MacOS, Linux or Windows Phone.
 back to top

Why aren't you doing something web-based? That would be much simpler!

  • Yes, it would.
  • Sadly, however, as is the case with simple things: they usually don't really help. The inherent problem with a web-based system is: the delivery channel for the cryptocode is potentially compromised. Furthermore, key management is difficult. It therefore wouldn't solve the problem of mass surveillance.