"Unthinking respect for authority is the greatest enemy of truth."

Welcome to Infoshop News
Wednesday, January 28 2015 @ 12:33 AM CST

Is Hushmail Still Safe?

News Archive

I have been talking to quite a few people about Hushmail and I have been getting mixed reviews. A question from a friend prompted me to further investigate if Hushmail is still safe. For a long time, Hushmail was considered a very secure email provider until an affidavit from a DEA agent in 2007 raised concerns.

Is Hushmail Still Safe?

By Ringo Kamens

from Handbook Revolutionary

I have been talking to quite a few people about Hushmail and I have been getting mixed reviews. A question from a friend prompted me to further investigate if Hushmail is still safe. For a long time, Hushmail was considered a very secure email provider until an affidavit from a DEA agent in 2007 raised concerns.

Up until this affadavit was released, it was assumed by Hushmail users that nobody including Hushmail could read their emails if they used the built-in encryption options. A number of articles spring up criticising Hushmail for handing over 12 CDs of data to Canadian authorities.

According to Hushmail, they will comply with any court orders that are valid in Canada. Because Hushmail is located in Canada, this is a reasonable thing to do. So how did the DEA get ahold of these emails if they couldn’t issue an order under a Canadian court? They did it using the Mutual Legal Assistance Process. The MLAT is a process where a court in say, the United States, can issue a court order, send it over to a country where they have a MLAT treaty, and have it executed there. Some MLAT agreements only cover things like narco-trafficing, while others cover all legal proceedings. According to The Organization of American States, Canada has MLATs with Antigua and Barbuda, Argentina, Barbados, Bolivia, Chile, Colombia, Ecuador, El Salvador, Guatemala, Haiti, Jamaica, Mexico, Nicaragua, Panama, Paraguay, Peru, The Bahamas, Trinidad and Tobago, the United States, and Uruguay. So if you are worried about the courts in any of those countries, many of which could probably be bought, taking your data to Canada won’t make it much safer.

So we know that the data from these accounts was handed over to US authorities, but if it’s encrypted then nobody including Hushmail should be able to see it right? Unfortunately for you, Hushmail stores your private encryption keys and a hashed version of your password. With a court order, Hushmail could be obligated to turn over your private key and the hashed version of your password. Hushmail doesn’t state what type of hashing algorithm they use for the passphrases, but hashes are extremely easy to crack. An average computer can crack a 10-character hash in about a day, and a law enforcement computer that’s dedicated to doing it could probably do it in about a half-hour. The longer your password, the safer you’ll be but even with a really long password, it would still be crackable. If you are not using Hushmail’s Java client, then your passphrase will be sent to Hushmail before it is hashed. A court could order them to intercept this data or modify the Java program to do their dirty work for them.

Update: The post on cryptome has changed and it looks like the checksums do add up if you remove the debug data. Now we can be assured that there is no backdoor According to a post on Cryptome from August of 2008, Hushmail might have done just that. Hushmail provides copies of the source code for their Java program so that users can verify the security of the program. The jar file in the source release is not the same jar file that you receive from the Hushmail mail server when you use Hushmail. This could just be a mistake where the Hushmail developers forgot to upload the new version of the source code, but having that mistake posted on Cryptome should have caused it to be cleared up very quickly. What is possible (and in my opinion, more likely) is that there is some reason that the new source code was not posted.

It should be noted that Hushmail has been incredibly open about their security procedures and where users face risks. They provide users with a full run-down is how their data is handled and how the encryption process occurs. This is a huge leap from most other email providers who won’t tell you anything. If it is true that Hushmail has backdoored their encryption program, this is incredibly sad but we have seen other applications go this direction and the state doesn’t like the idea of people being able to do things in secret.

Even with all the evidence mounting against Hushmail, they still offer more security and transparency than most online email hosts. If you use a program such as Thunderbird bundled with Enigmail or a regular PGP encryption tool such as GNUPG (Windows users go here)with your *own* private key, then you don’t have to worry too much about Hushmail giving you up. At the worst, your adversaries will have a bunch of worthless jumbled text. You should disable things like Java when you’re browsing anyways because of how Java applets can violate your privacy. I suggest NoScript for getting the job done. For the average user, Hushmail still beats services like Gmail and Yahoo Mail hands down, even if their encryption system is backdoored.

  • Facebook
  • Google Bookmarks
  • Ask
  • Kirtsy
  • LinkedIn
  • Digg
  • Twitter
  • SlashDot
  • Reddit
  • MySpace
  • Fark
  • Del.icio.us
  • Blogmarks
  • Yahoo Buzz
Is Hushmail Still Safe? | 2 comments | Create New Account
The following comments are owned by whomever posted them. This site is not responsible for what they say.
Is Hushmail Still Safe?
Authored by: Anonym on Monday, August 04 2008 @ 10:32 PM CDT
The question "is hushmail still safe?" is a pretty ridiculous one, because it wasn't, isn't, and never will be. Any kind of "black box" cryptosystem where you're entrusting a third party to do all your security FOR you is pretty obviously full of some very serious problems. In the case of hushmail it's especially nasty because there exist such simple alternatives to take control of the encryption process yourself, such as with Thunderbird and Enigmail as mentioned in the article (although this too has serious problems, though it's better than nothing). Even better than that is using a pen-and-paper One Time Pad (OTP) which is the communication security method employed by government spies in the field (generally) - learn how at http://exitthematrix.dod.net/books/SpyCounterspy/fs019.html , though that too, like any kind of security, requires rigorous precautions.

Many people in our community might be discouraged by the shortcomings of secure systems like these and refuse to use them because they aren't foolproof, but *NO* secure system is *EVER* foolproof - but they still manage to be extremely useful. Yes, I wouldn't trust my life to an encrypted email's security, but I would sure as hell trust that the government might have to spend $5,000,000 to crack it - which they generally don't want to do.

It might be helpful to consider a parallel example: let's say that you refuse to allow uniformed police officers into your local radical project's meetings (pretty unarguably a good idea). By doing this, you require the government to expend a huge amount of effort to survey the meeting - training and paying a undercover infiltrator or informant, spending weeks or months building trust of that infiltrator in the community, expending large efforts to keep them safe and undiscovered, etc. etc. etc. - it's a pretty serious pain in their butt. And it's all because you employed a basic security measure - telling cops with badges and no warrant to piss off. Usinging cryptography is similar - it's not foolproof, but it's usually a good idea. The one valid concern is with entrusting things that you wouldn't otherwise to the security of your system - for instance, I wouldn't plan a potent sabotage action with people online using Enigmail because I wouldn't do that through "normal" email - but by adding computer and communications security practices to the things we do ALREADY (and maybe a few borderline things that wouldn't be practical otherwise), huge benefits can be reaped. Please don't write such methods off, and please inform yourself about them (and especially about their shortcomings).

Anonymous speech and publishing are essential to maintaining not just free speech, but a free society.
Username: Anonym
Password: anonym

Is Hushmail Still Safe?
Authored by: aragorn on Tuesday, August 05 2008 @ 01:57 AM CDT
You might also be interested in the Angry Nerds Privacy Document.