So I was definitely over-worried.
I learned a lot today, and it was something that I was not expecting at all.
First I would say to everyone that criticized my post: THANKS. Really, thank you, because you made me feel better.
I read every comment here and got some useful advice. Also, I talked in private with some great people and received lots of emails with great advice.
I really didn't know about the European startup scene. Lots of people suggested that I should move to London or Berlin. The thing is, the internet and web startups are mainly US-based; that's the kind of trap that I felt.
I appreciate your comment and yes, maybe, I was too dramatic. But it feels like it. I know I am an EU citizen and so on; that's why I asked for advice, and I got what I asked for. This community is wonderful. I love HN because there is always someone who can help.
I upvoted because I like the simplicity of the website.
But I have to say that I would have preferred if your code was open source. You state that you use encryption and delete messages from your servers. Now I would like to have some sort of "proofs", and there is nothing more reliable than code.
Thanks! We just got started, and I totally get your point. Right now we are trying to figure out if there is a commercial aspect to this. Our plan is to open source the code eventually.
Note: We use AES for encoding our keys into redis, where we use redis timeouts to clear out the data. Minimal postfix logging to ensure that we don't keep track of emails.
Without access to log in to their server and look at the running code anytime you like, you still don't have any "proofs" of the encryption/deletion -- regardless of whether the code is open source or not.
What about server side implementation? I saw that you are using Apache. If you are on Django or Rails you can easily switch to Nginx and gain some benefits.