Hushmail Turns Out To Not Be Quite So Hush Hush

from the privacy-is-an-illusion dept

Many people are familiar with Hushmail, the company that provides encrypted web-based email it claims is completely private. In fact, the company makes it clear: "not even a Hushmail employee with access to our servers can read your encrypted e-mail, since each message is uniquely encoded before it leaves your computer." It turns out that isn't quite true. Wired reports that Hushmail handed the feds 12 CDs' worth of plain text emails from the service following a court order. The Wired piece goes into great detail concerning what happened here -- and the folks at Hushmail were quite honest about how their service works. Hushmail has two different versions. One requires a Java app to be downloaded, which handles all the encryption locally. The other, more popular one is entirely web-based, meaning that your passphrase is stored on the server ever so briefly -- and that's how Hushmail was able to access the accounts required in the court order. So, while it's true that Hushmail is mostly secure outside of a court order, the marketing material on the site is at least a little misleading, implying that even in such cases, your email will be encrypted.


Reader Comments

  1.  
    Pesti, Nov 9th, 2007 @ 1:27am

    Why am I not surprised....Privacy is slipping away

     

  2.  
    Anonymous Coward, Nov 9th, 2007 @ 1:29am

    Warnings

    Various security experts have been warning about Hushmail (and similar services) for years. Some people just won't listen though.

     

  3.  
    Anon, Nov 9th, 2007 @ 2:23am

    and locally?

    What would have happened if the emails were from account owners who encrypted locally?

    Would they have still been able to find a way to move encrypted emails into plain text for a court order?

    I'm sure a similar reasoning would be used in that case.

     

  4.  
    Sean, Nov 9th, 2007 @ 3:02am

    Re: and locally?

    The Feds have trojans they download to sniff out passwords. If I recall correctly, Techdirt have done posts on this very subject not so long ago.

     

  5.  
    Anonymous Coward, Nov 9th, 2007 @ 3:29am

    Re: Re: and locally?

    The Feds have trojans they download to sniff out passwords. If I recall correctly, Techdirt have done posts on this very subject not so long ago. They have experts at waterboarding that they can use for password recovery too.

     

  6.  
    Anonymous Coward, Nov 9th, 2007 @ 3:56am

    At least there was a court order this time.

    Gee! The feds followed the law, got a court order first and nothing blew up. How dare they take such risks with our safety!
    (/sarcasm)

     

  7.  
    Prime Minister, Nov 9th, 2007 @ 5:35am

    RTFA!!

    For those of you too lazy to RTFA:

    [Hushmail] is useful for avoiding general Carnivore-type government surveillance, and protecting your data from hackers, but definitely not suitable for protecting your data if you are engaging in illegal activity that could result in a Canadian court order.

    That's also backed up by the fact that all Hushmail users agree to our terms of service, which state that Hushmail is not to be used for illegal activity. However, when using Hushmail, users can be assured that no access to data, including server logs, etc., will be granted without a specific court order. Smith also says that it only accepts court orders issued by the British Columbia Supreme Court and that non-Canadian cops have to make a formal request to the Canadian government whose Justice Department then applies, with sworn affidavits, for a court order.

    Hushmail is a Canadian company. The US government made a request and the CANADIAN company complied when a legit court order was presented.

    READ THE F*CKIN ARTICLE!

     

  8.  
    Overcast, Nov 9th, 2007 @ 6:17am

    Just again - one more reason to be further sure that... computers aren't nearly as secure as they are hyped out to be.

     

  9.  
    lar3ry, Nov 9th, 2007 @ 6:47am

    I, for one, think this is GREAT

    Hushmail states up front that they do not condone the use of their product for illegal activities, and therefore they will comply to the best of their ability with any valid court order given them. The order needs to come from a court that has power in their jurisdiction (provincial court or possibly the Canadian federal courts), which makes it a bit of a harder hurdle for people from, say, the USA DHS who might just be on a fishing expedition.

    They have complied with a legal order, and they are up front in exactly what they did: provided about 12 CDs of emails (without delving in exactly what those CDs contained).

    In this day and age, seeing such candor and honesty by a corporation is refreshing and gives me a (small) hope that sometimes there are nice guys out there. Their service makes it clear in what circumstances they will comply, and they also make it clear that they are not able to unencrypt email sent from their Java client (which is a bit more of a hassle to use). They don't promise a rose garden, but they don't hide the thorns, either.

    The article would make me MORE prone to use their service, as opposed to some other vendor that might cave in to the "nosy neighbor of the week," or that might have a back door into your supposedly-encrypted email that they are willing to share with the people in black hats.

    Hooray for the good guys!

    Oh... if you are doing something illegal, I hope you get caught. Just because I don't want my private life spewed all over the internet doesn't mean you have the right to get away scot free with your dastardly deeds. If the government asks for your encrypted email and has reason to suspect that it is worth a twenty man-year effort to decrypt it to prove a case, they will do so, and there's nothing you can do about it except avoid doing illegal things.

     

  10.  
    Jack o. Trades, Nov 9th, 2007 @ 6:55am

    Re: I, for one, think this is GREAT

    Well, while these Pollyanna replies about the great and good are nice, one should ask a more basic question. What happens when the Government is wrong? What happens when what you are doing is legal then is ruled illegal? Privacy is a right like the second amendment is for guns. It sets those in power on notice that a normal everyday person is protected. IF "they" deem it bad then is it bad?

    You would do well to think about such things before you go off and suggest it's OK for the good guys to save us from ourselves.

     

  11.  
    TheDock22, Nov 9th, 2007 @ 6:57am

    No problems here

    I think Hushmail did the right thing. A court order was given and they complied. It is silly to think that an email service company would really encrypt all your emails so that they can not comply with a court order and leave themselves open to nasty legal battles.

    At least they waited for a court order and did not just hand over the information like other companies.

     


  12.  

    Everything can be seen

    It seems to me that anything ever written on a computer can be read, regardless of the protections you think you might have. As I have stated before, I would never type anything on a computer that I wouldn't want to be seen.

     

  13.  
    countzero, Nov 9th, 2007 @ 8:32am

    not targeted

    So be it, they got the court order, the police should be able to do what they need to to gather information for a case or whatever. However, 12 CDs of plaintext is what, 1.5 million full pages or so? Even if they were targeting a crime ring or something along those lines, that amount of information is absurd. The fact that the police went through the right channels gives me some hope, but that they just grabbed everybody's emails disgusts me a bit.

     

  14.  
    Anonymous Coward, Nov 9th, 2007 @ 9:01am

    Countzero is the only one so far to address the real issue:

    That Hushmail handed over 12 CDs' worth of email. I doubt any human being could send or receive enough email in a lifetime to fill twelve CDs.

    If Bill does an illegal act and the courts ask for Bill's email through the proper channels, then handing over just Bill's email is one thing. However, it sounds like Hushmail handed over ALL of their users' email, not just the evidentiary email. That is the issue at hand. They should not violate all of their customers' privacy in that way, nor should any government have the power to demand that ALL the email, even that unconnected to their case, be handed over.

    Hushmail IS in the wrong here.

     

  15.  
    Freedom, Nov 9th, 2007 @ 9:29am

    Re:

    You are assuming text-based e-mails. E-mails with attachments could very easily consume 12 CDs. For instance, let's say this person was using the account for child porn or something - would it be that difficult to fill up 12 CDs with those types of e-mails?

    They could have also included logs which tend to be extremely verbose and can add up quickly.

     

  16.  
    nipseyrussell, Nov 9th, 2007 @ 9:46am

    Mike says plain text, but I don't see that in the e-mail. Also the article says "turned over 12 CDs worth of e-mails from three Hushmail accounts", not the whole enchilada.

     

  17.  
    TheDock22, Nov 9th, 2007 @ 9:54am

    Re:

    Yea, I think you're wrong on this one. I just backed up my email the other day and I filled up 5 CDs' worth of stuff on my own. With attachments I really needed the space.

    Plain text email with attachments from a few users could easily fill up 12 CDs.

    So, you need to not make finite statements like "I doubt any human being could send or receive enough email in a lifetime to fill twelve CDs." It makes you seem like a fool.

     

  18.  
    Anonymous Coward, Nov 9th, 2007 @ 12:30pm

    Re: Re:

    I don't buy it. I have five years' worth of mail stored in my email account, including potentially thousands of attachments which mostly constitutes image files.

    The total size is just over 1 gigabyte of data, not even enough to fill two CDs. Image files are very small, a few kilobytes worth of data, and most email services have size limits that prevent attachments that are too large, such as video files from being sent.

    I stand by what I said that 12 CDs (which averages out to around 8 Gigabytes of data) sounds like more than just 1 or 2 accounts.

     

  19.  
    Sean, Nov 9th, 2007 @ 12:35pm

    Re:

    Plain text as in not encrypted

     

  20.  
    Anonymous Coward, Nov 9th, 2007 @ 12:42pm

    Re: RTFA!!

    READ THE F*CKIN ARTICLE!
    So who did you think didn't?

     

  21.  
    Anonymous Coward, Nov 9th, 2007 @ 1:05pm

    Re:

    Mike says plain text, but I don't see that in the e-mail.
    I suspect Mike should have written 'plaintext' rather than 'plain text'. 'Plaintext' just means 'unencrypted' and can include attachments and stuff other than just plain text.

     

  22.  
    Anonymous Coward, Nov 9th, 2007 @ 1:15pm

    Re: Re:

    Plain text email with attachments from a few users could easily fill up 12 CDs.

    E-mail messages with attachments are not plain text. Plaintext does not mean "plain text" and making statements about "plain text email with attachments" makes you seem like a fool.

     

  23.  
    TheDock22, Nov 9th, 2007 @ 1:53pm

    Re: Re: Re:

    E-mail messages with attachments are not plain text. Plaintext does not mean "plain text" and making statements about "plain text email with attachments" makes you seem like a fool.

    Ah well on this forum I assumed most people were astute enough to understand plain text (plaintext) as encrypted. I am either a fool or hopefully optimistic.

     

  24.  
    claire rand, Nov 9th, 2007 @ 2:46pm

    if it's important enough to care about privacy, then do the blindingly obvious.. encrypt it yourself before sending it..

    if you let a company encrypt it for you, well you get what you deserve.

    can't blame the company at all for this, at least they are open about what they will do, and waited for a court order.

    what exactly do people expect?

    if you are serious about sending a 'secret' message it's not exactly hard

     

  25.  
    lar3ry, Nov 9th, 2007 @ 2:59pm

    Re: Re: I, for one, think this is GREAT

    What happens when the Government is wrong? In a perfect world, you will be found innocent. In the real world, things sometimes go awry. I'm not a Pollyanna, but I'm also not an alarmist.

    What Hushmail is doing does not impact this one iota. They are doing what they advertise they are doing, and when they are asked to give over customer data, they are forthright about it.

    I do think of such things. I don't expect ANYBODY to save me from myself except, perhaps, myself. And I hope that people that would utilize a useful tool for illegal purposes get nailed in the same way that a person that uses a gun to commit a crime.

     

  26.  
    Jamie, Nov 9th, 2007 @ 3:09pm

    Thank you, Claire Rand! Finally someone got the point: Hushmail offers Java-based software that will encrypt outgoing data *before* it even gets to Hushmail and then will decrypt it after it leaves Hushmail. When used, Hushmail sees nothing but encrypted gibberish. The people who had their plaintext email passed onto law enforcement were too damned lazy to use the software and instead uploaded plaintext messages for Hushmail to do the encryption on the server end. That's stupid. It's like walking into a busy post office and dictating your secrets to the clerk behind the counter so everyone else can hear and then asking that the message be sent in a secure package.

     

  27.  
    Anonymous Coward, Nov 9th, 2007 @ 3:56pm

    Re: Re: Re: Re:

    Ah well on this forum I assumed most people were astute enough to understand plain text (plaintext) as encrypted.

    Wow. How dense are you? It's been explained to you in simple terms and yet you still don't understand that plaintext isn't encrypted and that "plaintext" doesn't mean "plain text".

    I am either a fool or hopefully optimistic.

    I don't know about the latter but you're certainly showing yourself to be the former.

     

  28.  
    Anonymous Coward, Nov 9th, 2007 @ 4:26pm

    Re:

    Thank you, Claire Rand! Finally someone got the point:
    Yes, Claire got it right.

    Hushmail offers Java-based software that will encrypt outgoing data *before* it even gets to Hushmail and then will decrypt it after it leaves Hushmail. When used, Hushmail sees nothing but encrypted gibberish.
    Maybe, maybe not. You see the problem with Hushmail's Java applet is that you can't verify that it is secure. While Hushmail does publish the source code for an encrypting Java applet you still can't be sure that it corresponds to what is actually downloaded to and run on your computer each time. That's why you should use only open-source encryption software that you can verify and install on your own computer if security is really important to you.

    The people who had their plaintext email passed onto law enforcement were too damned lazy to use the software and instead uploaded plaintext messages for Hushmail to do the encryption on the server end. That's stupid.
    As explained above, using their Java applet could also be said to be lazy and stupid. Good security usually isn't easy to implement. That's why most people don't do it.

     

  29.  
    Billy Boy, Nov 9th, 2007 @ 5:44pm

    I'm right in my assumption that encrypted email I send to someone is vulnerable to be compromised if the recipient is lax at their end, aren't I? In this case, even if the senders were vigilant in their encrypting, the fact that the recipient wasn't, made all of their emails (to that recipient) readable.

     

  30.  
    Anonymous Coward, Nov 9th, 2007 @ 6:45pm

    Re:

    I'm right in my assumption that encrypted email I send to someone is vulnerable to be compromised if the recipient is lax at their end, aren't I?
    Absolutely. Encryption is just a tool and not a substitute for good judgment. You should have the good sense to not send confidential information to unreliable recipients.

    In this case, even if the senders were vigilant in their encrypting, the fact that the recipient wasn't, made all of their emails (to that recipient) readable.
    And all of the messages from those recipients back to the sender as well. Encryption only protects the message from those without the key, it doesn't make the recipient reliable. It's kind of like having a lock on your house but then giving a key to a bad neighbor. The lock may protect your stuff from people without the key but it won't keep the bad neighbor from ripping you off.

     

  31.  
    anonymous email, Dec 8th, 2007 @ 7:15pm

    Think Twice!

    Hushmail isn't offshore enough. If you think that you are protected just over the border then you are completely wrong. Choose your secure email provider wisely!

     

  32.  
    barbiedoll, Mar 24th, 2008 @ 5:49pm

    Data Locking

    Check out www.datalocking.com as I would love to hear any thoughts on their idea! It appears that the data/text info is owned by a third party and the server is off shore in Costa Rica (who does not extradite info to the USA--hence that is where off-shore gambling and off-shore banking are flourishing.)

     

  33.  
    bogus boghart, Dec 2nd, 2009 @ 6:42pm

    hmm

    what I don't get is why the feds aren't burning emails on DVDs. come on, get with the times.

     

  34.  
    Rick, Dec 12th, 2009 @ 9:47am

    choosing email providers

    If you are concerned about the US government (or the EU now) reading your email, you need to select a service outside those jurisdictions and in a country that can resist pressure from other, more powerful countries. There is a table comparing several secure email providers, including their locations, on the novo-ordo website at http://www.novo-ordo.com. There are also pages discussing other aspects of computer security there.

     

  35.  
    harry potter, Oct 21st, 2013 @ 8:21pm

    oh my god use megabytes not cds

     
