[cryptopolitics] Silent Circle and Secure Email

Adam Back adam at cypherspace.org
Fri Aug 9 18:19:59 PDT 2013


(Thanks for the link.)  It says hushmail had a simplified web-only version (no
java applet) and that the disclosure of client emails did not involve
pressured code changes (at least code shipped to clients), rather that as a
natural consequence of the way passwords would be processed on the server
side and decryption happened on the server side so hushmail had the
passwords, private keys, and decrypted plaintexts at leas in memory to hand
over on request.

Adam

On Fri, Aug 09, 2013 at 08:59:53PM -0400, Jeffrey Walton wrote:
>On Fri, Aug 9, 2013 at 8:56 PM, Adam Back <adam at cypherspace.org> wrote:
>> ...
>>
>> Its less clear what lavabit were talking about.  Perhaps something similar
>> in terms of an SMTP interoperability encryption gap, or alternatively about
>> being pressured to modify code (which people seem to assume, but I didnt see
>> explicitly stated).
>>
>> There were some hushmail rumors about code modification some years back -
>> does anyone know what actually at hushmail?
>Encrypted E-Mail Company Hushmail Spills to Feds,
>http://www.wired.com/threatlevel/2007/11/encrypted-e-mai/.



More information about the cypherpunks mailing list