Jon Callas wrote:
>
> On Nov 1, 2007, at 10:49 AM, John Levine wrote:
>
>>> Since email between hushmail accounts is
generally PGPed. (That is
>>> the point, right?)
>>
>> Hushmail is actually kind of a scam. In its normal
configuration,
>> it's in effect just webmail with an HTTPS
connection and a long
>> password. It will generate and verify PGP
signatures and encryption
>> for mail it sends and receives, but they generate
and maintain their
>> users' PGP keys.
>>
>> There's a Java applet that's supposed to do end to
end encryption, but
>> since it's with the same key that Hushmail knows,
what's the point?
>>
>
> I'm sorry, but that's a slur. Hushmail is not a scam.
They do a very
> good job of explaining what they do, what they cannot
do, and against
> which threats they protect. You may quibble all you
want with its
> *effectiveness* but they are not a scam. A scam is
being dishonest.
>
> You also mischaracterize the Hushmail system. The
"classic" Hushmail
> does not generate the keys, and while it holds them,
they're encrypted.
> The secrets Hushmail holds are as secure as the end
user's operational
> security.
Seconded. the java applet is effectively a mail client, a
copy of gpg,
and a copy of the secret keyring; the public keys are looked
up on the
server though, and I suspect/assume that the messages are no
more or
less secure at the hushmail side than your own pgp mail
would be on a
isp imap server (i.e., you could get traffic information
trivially just
by looking, but message content would require being lucky
with the
keyphrase or active co-operation from hushmail to give you a
"gimmicked"
client the next time you log in that reveals that
information.
------------------------------------------------------------
---------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography"
to majordomo metzdowd.com
|
