For those who missed it: Hushmail is pwnd

[Len Sassaman]

On Wed, 7 Nov 2007, J.A. Terranson wrote:

> My guess is that Hushmail has had subpoenas before and had to develop
> and install a modified java applet which captures the passphrase when
> the user enters it.  With that and the stored keys, it can decrypt all
> the stored communications.

I wouldn't be so certain -- getting subpoenas is no big deal for
companies. At Anonymizer, I answered lots of them. Most of the time, I
couldn't comply. (If you pay for your Anonymizer account with your credit
card, and the Feds want to know if you bought an Anonymizer account, well,
you screwed up. Otherwise, I told the guy on the phone the truth -- I had
nothing in my logs about that IP address, sir. And they went away,
quickly and without fuss, unlike when I've had to deal with the same
thing as a private remop.)

Of course, that was in 2003 and times have changed all around -- I don't
think Hushmail was handing out info to TLAs back then either.

Possibly, the problem here is Hushmail's move away from using its Java
applet as default. (It has two modes now -- securish and securisher, from
what I can tell, and the more secure "everything happens in the browser,
including all key operations" part is the optional step now. In the less
secure case, while I haven't analyzed it yet, I believe the keys in those
cases are being stored decryptable on the server. The passphrase is
almost certainly passed to the server.)

But, also, bear in mind that Hushmail has *always* allowed people to send
non-PGP messages, especially to non-Hushmail users. If one party was a
Hushmail user, and one party was not a PGP user, then PGP's not going to
be involved.

Regardless, boo for Hushmail for not disclosing that they were answering
subpoenas like this.

...

There *are* bigger forces at play, though. The "mutual assistance"
provisions of the Council of Europe cybercrime treaty are horrible, as are
these data retention laws. These are going to affect companies based in
any country signed to that treaty, including the US.

Hushmail, in the end, is relatively weak compared to other Cypherpunk
tools, and other ways of using them. The big They are trying to make those
other tools and uses illegal. Already we have people in the academic
privacy field scampering to appease their new masters, and trying to find
ways to do backdoored anonymity safely (are you kidding me? We haven't
even worked out the kinks with regular anonymity systems.) But in the end,
those are academics scared that their field is going to be made illegal,
and so their actions are understandable, if deplorable.

Likewise for whatever Hushmail may be doing.

A statement from the folks over there would be nice.


--Len.