Re: Hushmail in U.S. v. Tyler Stumbo

Calling Hushmail a scam (which seems lower in the continuum
than 
Snake Oil) is pretty strong.  I have been (and am) a
Hushmail user 
for many years and have been impressed by how they go about
their 
business.  They are pretty explicit in explaining how things
work, 
opening the code up for review, using OpenPGP, non US
servers and 
incorporation, etc.

Given the above, I was surprised at what was in the
affidavit.  I 
know there are several assumptions; the most glaring is that
the 
defendants actually used the PGP implementation in the
Hushmail 
system.  The assumed response to a legal request for emails
would 
be the data stored on the server, which should be just PGP
and 
headers. The affidavit does not state that crackers or
keyloggers 
were used or that the passphrase was obtained from the
users.  
Given the rest of the detail, it seems like these important
actions 
would have been listed if they were used.

I wanted to know the collective opinion on how the contents
of the 
emails could then be made known to the DEA without a glaring
hole 
in the implementation or administration of Hushmail, either
of 
which would be important but disappointing to hear about.

rearden


On Thu, 01 Nov 2007 16:52:28 -0400 Jon Callas <joncallas.org> 
wrote:
>On Nov 1, 2007, at 10:49 AM, John Levine wrote:
>
>>> Since email between hushmail accounts is
generally PGPed.  
>(That is
>>> the point, right?)
>>
>> Hushmail is actually kind of a scam.  In its normal

>configuration,
>> it's in effect just webmail with an HTTPS
connection and a long
>> password.  It will generate and verify PGP
signatures and 
>encryption
>> for mail it sends and receives, but they generate
and maintain 
>their
>> users' PGP keys.
>>
>> There's a Java applet that's supposed to do end to
end 
>encryption, but
>> since it's with the same key that Hushmail knows,
what's the 
>point?
>>
>
>I'm sorry, but that's a slur. Hushmail is not a scam.
They do a 
>very  
>good job of explaining what they do, what they cannot
do, and 
>against  
>which threats they protect. You may quibble all you want
with its  
>
>*effectiveness* but they are not a scam. A scam is being

>dishonest.
>
>You also mischaracterize the Hushmail system. The
"classic" 
>Hushmail  
>does not generate the keys, and while it holds them,
they're  
>encrypted. The secrets Hushmail holds are as secure as
the end 
>user's  
>operational security.
>
>I know what you're going to say next. People pick bad
passphrases, 
> 
>etc. Yes, you're right. That is not being a scam.
>
>They have another system that is more web-service
oriented, and 
>they  
>explain it on their web site far better than I could. It
has 
>further  
>limitations in security but with increased usability. It
is also 
>not  
>a scam.
>
>	Jon
>
>--------------------------------------------------------
-----------
>--
>The Cryptography Mailing List
>Unsubscribe by sending "unsubscribe
cryptography" to 
>majordomometzdowd.com

--
Save hundreds on Technical School - Click here.
http://tagline.hushmail.co
m/fc/Ioyw6h4fRTdts2rXzvypA08i4x4ZY17uNW0IOfxYNnLUwGHrYCe6DW/


------------------------------------------------------------
---------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography"
to majordomometzdowd.com