[107024] in cryptography@c2.net mail archive

Re: Hushmail in U.S. v. Tyler Stumbo

daemon@ATHENA.MIT.EDU (Jon Callas)
Thu Nov 1 18:09:54 2007

In-Reply-To: <20071101174919.50382.qmail@simone.iecc.com>
Cc: cryptography@metzdowd.com,
 auto37159@hushmail.com
From: Jon Callas <jon@callas.org>
Date: Thu, 1 Nov 2007 13:52:28 -0700
To: John Levine <johnl@iecc.com>


On Nov 1, 2007, at 10:49 AM, John Levine wrote:

>> Since email between hushmail accounts is generally PGPed.  (That is
>> the point, right?)
>
> Hushmail is actually kind of a scam.  In its normal configuration,
> it's in effect just webmail with an HTTPS connection and a long
> password.  It will generate and verify PGP signatures and encryption
> for mail it sends and receives, but they generate and maintain their
> users' PGP keys.
>
> There's a Java applet that's supposed to do end to end encryption, but
> since it's with the same key that Hushmail knows, what's the point?
>

I'm sorry, but that's a slur. Hushmail is not a scam. They do a very  
good job of explaining what they do, what they cannot do, and against  
which threats they protect. You may quibble all you want with its  
*effectiveness* but they are not a scam. A scam is being dishonest.

You also mischaracterize the Hushmail system. The "classic" Hushmail  
does not generate the keys, and while it holds them, they're  
encrypted. The secrets Hushmail holds are as secure as the end user's  
operational security.

I know what you're going to say next. People pick bad passphrases,  
etc. Yes, you're right. That is not being a scam.

They have another system that is more web-service oriented, and they  
explain it on their web site far better than I could. It has further  
limitations in security but with increased usability. It is also not  
a scam.

	Jon

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
