Introducing email notifications

With Kullo email notifications which is the big new feature in today’s Kullo XXI release, you will not miss a new secure Kullo message anymore.

A lot of users asked for this feature because they don’t sit in front of their desktop computer all day, don’t receive Kullo messages on a regular basis or just don’t want to have the Kullo client running all the time. You can now configure your preferred email address and we’ll write you a line each time there is something going on in your Kullo inbox. Of course, these notification emails don’t contain confidential information because our server cannot look into a user’s Kullo messages.

It took our engineering team a while to develop a notification concept that works hand in hand with The Open Kullo Protocol across multiple Kullo providers. We’re proude we achieved this in a very user-friendly way – with no additional login password required! But this is only the first step. Bulk notifications (e.g. one email per hour), SMS or push notifications can be integrated into the new system if it turns out to be useful.

How it works

Email notifications are part of the new account settings that you can access from you Kullo client the following way:

OpenAccountSettings1

“User settings” → “Account” → “Open account settings”

OpenAccountSettings2

This will open a browser window and log you into your Kullo provider’s account settings system. In the top menu you find the “Notifications” link where you follow the simple instructions. If you are in trouble setting up email notifications, send us a Kullo message to hi#kullo.net. The founder’s will get in touch with you as soon as possible.

 

How Kullo uses OpenSSL

Although Kullo uses the crypto library Botan for all it’s encryption jobs it needs OpenSSL. That is because The Open Kullo Protocol is an HTTP-based API that enforces TLS. Since we don’t want to reinvent the wheel and implement HTTPs on our own, we use a library for that. On the desktop platforms that is Qt Network at the moment. An alternative would be cURL and I am sure there are others. These libraries have in common that they depend on OpenSSL to implement the TLS. If there’s an Botan TLS based HTTP(s)-library for C++ out there, I’d appreciate a hint in the comments.

So OpenSSL is mandatory. But where do we get it from and in which version? That question has to be answered differently for every operating system. Continue reading

Kullo goes live

We’re happy to announce that we’re launching Kullo publicly today. From now on, everyone can register a Kullo address without any registration code whatsoever. This is a major step on our journey to make secure communication possible for everyone.

Sending end-to-end encrypted messages and documents is now as easy as Skype. Simply download the software, choose a Kullo address and get started.

3steps

You don’t have a Kullo address yet? Get it now at www.kullo.net.

Workaround for OS X update bug in Kullo 0.20.9

In Kullo 0.20.9, which was released on Monday this week (2015-01-27), there is a bug that prevents a user to interact with the app entirely under some conditions.

The problem appears when all of these conditions are fulfilled:

  • User runs OS X
  • MasterKey backup reminder pops up
  • A Kullo update is available

In this case you see one of the windows but you are not able to click any button or close Kullo. Continue reading

Introducing todo mode

From the very beginning, every Kullo message had the two message states: read/unread and done/undone. That is a result of the common problem with email: You read a message on your phone but right now you’re not able to get it done. Nevertheless, it is marked as read and gets easily lost when you open your inbox at your desktop later.

todo-buttonTo make working with done/undone more useful, we finished the todo mode in the 0.20.9 release. You can now filter messages as well as conversations for those that need to be done. Just use the little todo mode button to activate todo mode. Powerusers just hit Cmd+T on OS X and Ctrl+T on other platforms. Continue reading

Why valgrind reports “Uninitialised value” errors when running Google Test/Mock

Google Test is a C++ testing framework we’re using at Kullo. It creates a tiny binary that runs on a console and returns 0 or 1 depending on whether all tests succeeded or there was an error. So far so good.

Additionally we use valgrind to check for memory leaks, i.e. RAM that was allocated but not properly freed, which is an indication of programming errors.

You can do that by running your Google Test binary as follows:

valgrind --leak-check=full --error-exitcode=1 ./tests

Problem

One test resulted in a number of “Uninitialised value” errors, stating stuff like the following:

Use of uninitialised value of size 8
  at 0x677F9E1: _itoa_word (_itoa.c:180)
  by 0x67836D6: vfprintf (vfprintf.c:1641)
  by 0x683FC24: __vsnprintf_chk (vsnprintf_chk.c:63)
  by 0x683FB87: __snprintf_chk (snprintf_chk.c:34)
  by 0xA899B4: snprintf (stdio2.h:65)
  by 0xA899B4: testing::(anonymous namespace)::PrintByteSegmentInObjectTo(unsigned char const*, unsigned long, unsigned long, std::ostream*) (gtest-printers.cc:72)
  by 0xA8D1FC: PrintBytesInObjectToImpl (gtest-printers.cc:90)
  by 0xA8D1FC: testing::internal2::PrintBytesInObjectTo(unsigned char const*, unsigned long, std::ostream*) (gtest-printers.cc:112)

Continue reading