On 11/1/07, Jon Callas <jon callas.org> wrote:
>
> I'm sorry, but that's a slur. Hushmail is not a scam.
They do a very
> good job of explaining what they do, what they cannot
do, and against
> which threats they protect. You may quibble all you
want with its
> *effectiveness* but they are not a scam. A scam is
being dishonest.
I was unable to read the document discussed in the message
that
started this thread, so I retrieved the complaint in US v.
Tyler
Stumbo from PACER. I have placed it online at
<ht
tp://www.parrhesia.com/stumbo_complaint.pdf>.
In particular, the one of the passages referred to in the
initial
message states:
["Item #5"]
A review of e-mails from e-mail address osocabrohushmail.com between
February 14, 2007 and May 17, 2007, revealed OSOCA filled 88
separate
anabolic steroid orders for a total sale of $36,024.00.
During a
review of the e-mails, SA Shawn Riley identified OSOCA'S
Chinese SOS
for bulk powdered anabolic steroids as "GLP". GLP
was using the email
address glpinternationalhushmail.com to communicate
with OSOCA. The
e-mails between osocabrohushmail.com and
glpinternationalhushmail.com showed there were two
shipments of bulk
powdered anabolic steroids from GLP to OSOCA. Both orders
were sent to
Tyler STUMBO at 9530 Hageman; Suite B #192, Bakersfield, CA.
An
address check revealed 9530 Hageman, Suite B, Bakersfield,
CA is a UPS
Store.
[end quoted material]
According to Hushmail's "About -> How Hushmail
Works" page at Figure
1, "The user's passphrase encrypts and decrypts the
user's private key
so that no one but the user ever has access to it. Not even
Team
Hush."
At Figure 4, same page, Hushmail states " [...] The
email may only
be decrypted by using the one-time message key.
* The message key can only be decrypted by using the
recipient's
private key.
* The recipient's private key can only be decrypted by
entering
the recipient's personal passphrase."
At Figure 5, same page, Hushmail states "So, not only
is the email
securely coded before it is ever stored on a server, but the
key to
decode the email is also encoded. Further, the private key
needed to
decrypt this key is also encrypted. Only the recipient can
retrieve
their private key by entering their secret personal
passphrase."
On the page "About -> The Need For Hushmail",
Hushmail states "[...]
By contrast, Hushmail keeps your online communications
private and
secure. Not even a Hushmail employee with access to our
servers can
read your encrypted email, since each message is uniquely
encoded
before it leaves your computer. A Hushmail account lets you
communicate in total security with any other Hush member or
PGP-compatible email user anywhere in the world."
In its "Hush Encryption Engine White Paper"
available at
<https://www.hushmail
.com/public_documents/Hush%20Encryption%20Engine%20White%20P
aper.pdf>,
Hushmail states on page 4: "When the Private Key is
residing on a Hush
Key Server, it is encrypted with a passphrase. That
passphrase never
leaves the user's computer. Hence, at no point is the
Private Key or
any private data ever accessible to anyone at Hush. As long
as you
have a good, strong passphrase, even if Team Hush tried, we
couldn't
get your Private Key.
Furthermore, even if the company were subpoenaed by a court
of law, a
private key wouldn't be accessible. This can be verified by
reviewing
our published source code at http://www.hush.ai/."
In its "Webmail Using The Hush Encryption Engine"
document available
at <https://www.
hushmail.com/public_documents/Webmail%20Using%20the%20Hush%2
0Encryption%20Engine.pdf>
at page 3, Hushmail states: "Hushmail fulfills the
following
requirements: [...] 3. Private keys and private data may
only be
decrypted on the client computer, never on any
server."
In the introductory e-mail sent to new Hushmail users,
Hushmail
states: "Hushmail users can send encrypted email to
anybody with an
email address. If the recipient of your email is another
Hushmail or
PGP user, the encryption will take place automatically
without any
action on your part."
As a longtime paid Hushmail user, I am surprised to learn
that it is
possible to send email to another Hushmail user which is
accessible to
Hushmail corporate employees and, by extension, the
Canadian
government, and any organization they choose to cooperate
with. I was
unable to identify the Hushmail documentation which would
explain the
company's ability to comply with the MLAT requests as
demonstrated in
the Stumbo matter. I was able identify a number of
statements which
would lead the average reader to conclude that the company
is unable
to provide the sort of cooperation discussed in the Stumbo
complaint.
I agree that it is possible that one or both of the
correspondents in
the Stumbo case used a weak passphrase which was susceptible
to a
dictionary attack. I would be surprised to learn that Hush
Communication actively engages in dictionary attacks versus
its users
at the request of the Canadian government. If that is the
case, this
would seem to go beyond an obligation to merely turn over
existing
information, and become active participation in an attempt
to subvert
the security of communication between Hushmail users.
--
Greg Broiles, JD, LLM Tax, EA
gbroilesgmail.com (Lists only. Not for confidential
communications.)
Legacy Planning Law Group
San Jose, CA
California Estate Planning Blog: http://www.estateplanbl
og.com
------------------------------------------------------------
---------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography"
to majordomometzdowd.com
|