Is Hushmail Still Safe? 264
Ringo Kamens writes to ask if the use of Hushmail can still be considered a secure method of communication:
"For a long time, Hushmail was considered a very secure email provider until an affidavit (PDF) from a DEA agent in 2007 showed that they had handed over 12 CDs of possibly decrypted data to law enforcement. Now, Cryptome has posted that the Hushmail encryption program is no longer the same program for which Hushmail releases their source. Is Hushmail even safe to use anymore?"
Re:no encryption that YOU didn't write is safe (Score:5, Interesting)
Re:no encryption that YOU didn't write is safe (Score:3, Interesting)
You mean like that incident with Debian recently where some genius commented some lines that were spouting a warning in GnuPG, and it turns out that the keys generated for SSH were MUCH weaker to brute force crack than the usual ones? Yeah, most brilliant minds tend to miss things. Expert worship is a way to get one's self killed or maimed while waiting for the experts to verify that said incident actually COULD cause the maiming or killing to occur.
Be real... nothing is 100% safe. Your only real safety is to be A) a hardass who takes no shit from anyone.. and B) not play the government's game. Don't ask anything of them, do not answer their questions. Play your game... let the serfs get what they got coming. Not your problem. Not mine either. Fuck'em, they wanted nanny state to exist, now let them live with their beloved papa guv'.
Re:this has been the case all along (Score:0, Interesting)
you're probably better off encrypting your emails yourself instead of allowing a third party to convince you that they have encrypted it.
Errr, with what exactly? PGP/GPG? Some other freeware encryption that still uses a published algorithm? Think our Government doesn't have the capability of decrypting them all, or more to the point the capability of demanding unencrypted data be handed over?
I congratulate you on your zenlike elevation of being. Ignorance must be very blissful.
Re:this has been the case all along (Score:3, Interesting)
No, they don't have that capability. Please read any beginners book on crypto.
Re:The file is obfuscated (Score:5, Interesting)
Re:this has been the case all along (Score:4, Interesting)
What came out during the earlier revelations was the company handed over email that they decrypted on their servers, but couldn't do so for the applet based encryption. They said up front that the applet was far more secure.
IIRC, Hushmail started passing out 'bad' java applets so that they could grab encryption keys.
Re:no encryption that YOU didn't write is safe (Score:2, Interesting)
...Of course they could torture you now but even that isn't much of a threat to anyone not labelled a terrorist by the US.
But people who don't hand over their laptops and their encryption keys to DHS are terrorists! Right?
Re:no encryption that YOU didn't write is safe (Score:3, Interesting)
Governments don't have any magical ability to find flaws in encryption that ordinary academics don't
But they do have lots of academics, and often some of the very best. Case in point: the NSA discovered differential cryptanalysis years before anyone else (that we know of) and was aware that several commercially important algorithms were susceptible.
Re:this has been the case all along (Score:2, Interesting)
Assuming that Apple has no problem with the GPL, then I suppose the Mac users of the world should submit feedback [apple.com]. Thunderbird users can leave feedback here [mozilla.org]. Hell, leave feedback for both. Widespread adoption of GPG can't hurt anyone.
And you're right, GPG doesn't encrypt headers. If we did encrypt headers, we'd have to find a replacement for SMTP⦠SMTPSEC? Given the popularity of DNSSEC compared to DNS, I don't see that happening.
Re:no encryption that YOU didn't write is safe (Score:3, Interesting)
if I may:
"Is AES full of back doors for the NSA? Almost certainly not, since these could also be used by any resourceful group of cryptographers, including the Boogey Man [wikipedia.org]."
Re:this has been the case all along (Score:3, Interesting)
If only popular email clients would ship with encryption built in, set up by the account creation wizard and turned on by default...
But how do you swap keys?
At this point, it would be nice for some organisation to just start signing PGP keys when you fax them a driving license or something, the equivalent to a CA but for PGP keys which traditionally needed huge effort to figure-out if the key matches the person.
Re:no encryption that YOU didn't write is safe (Score:4, Interesting)
You've seen the list, then? (Score:3, Interesting)
You make it sound like not just anyone can be (of those who haven't already been) declared a terrah-ist. It doesn't take much - and as with so many [google.com] things these days, they don't even need a warrant [usdoj.gov] to get you into "the club". All they need is for you to have a laptop and you're fair game. If you have a laptop and they haven't picked you at the airport, don't get high and mighty - remember there's literally nothing to stop them from doing it when you're 100% legal or not. Habeus Corpus and all that jazz we learned in High School is more or less out the window at this stage.
Have you seen the watch list or heard of some rules surrounding this or something?
-Matt
Re:this has been the case all along (Score:5, Interesting)
From my own admittedly anecdotal experience, I'd say Hushmail is just a way to make money. Not only do they constantly bombard you with pleas to upgrade to their paid service, but they are supposed to delete your account if you don't check it every 3 weeks. But my account was deleted under this claim when it had been only 1 week since I checked it. Yes, I'm sure. Not only that, but when I tried to create an account with the same name, whenever I pressed okay I got an error message that I couldn't use that name without upgrading. After that I'd started using GPG with Gmail. Both are free.
I guess I'm old-fashioned, or just learned better because I was raised in a poor rural area, but it's better to learn how to do something yourself if it's easy anyway than to pay someone too much to do it for you.
Article is misleading (Score:3, Interesting)
Hushmail only stores your private key in encrypted form, encrypted with your passphrase. It gets decrypted only on your machine, by the Java applet. Yes, this does mean your security depends entirely on the strength of your passphrase. Use http://www.diceware.com./ [www.diceware.com]
As for hashes being easy to crack, please. A dictionary attack isn't a crack of a hash, and reversing a hash algorithm is still beyond the state of the published art. Making collisions, yes, but recovering original text, no.
begging the question (Score:2, Interesting)
Why are we posting so many rhetorical questions to Slashdot lately?
Re:this has been the case all along (Score:3, Interesting)
For email that was decrypted on their servers using the Outlook plugin, they were pretty much forced to hand it over or be shut down bu the Powers that Be in their country.
Hushmail offers one service that no other E-mail company provides -- decryption of E-mails on the local client. I can sit at any machine that has a JVM and that is trusted to not have a keylogger, log onto Hushmail, and decrypt any new mail locally. The mail remains encrypted on Hushmail's servers.
Another advantage of Hushmail is their nym service. Not nyms with the same prefix like Yahoo's that someone can figure out are owned by a single person, but pretty much any name. This comes into handy when dealing with suspect people who you want to interact with E-mail, but whom you do not want to risk having them know who you are really are or have your real E-mail to spam (Craigslist transactions for example.)
Re:Snail mail FTW. (Score:4, Interesting)
Nice try, but generally trivial to break. For starters, there's the always popular method of steaming envelopes open.
Of course, that's pretty easy to prevent -- for example, people who cared have used wax seals for centuries.
That's still a long ways from secure though. For example, one trick (also known for a long time) uses a thin metal rod, split along its length. You insert the rod under the end of the envelope flap, where there's no seal. You catch the letter where it's folded, with one side of the fold on each side of the split, then twist the rod to roll the letter up, and remove it back out the end. When you're finished reading it, you reverse the process to re-insert the letter into the envelope.
It's no accident that, historically, most countries' code-breaking agencies have been attached to their postal services...
PDF (Score:2, Interesting)
Have you seen what's under the black boxes in this pdf: http://static.bakersfield.com/smedia/2007/09/25/15/steroids.source.prod_affiliate.25.pdf
My acrobat reader version (for linux) displays the letter, and then it applies black box overlays, so for a short moment I can see what's behind them. E.g.
page 9 (of pdf doc - not the letter itself). ... is subscribed to Tyler S, STUMBO, DOB: ** 09-14-19xx **....
the same applies to other black boxes (SSNs and so on).
Re:no encryption that YOU didn't write is safe (Score:4, Interesting)
*chuckle*
Yep, check some of my past posts. I actually do. I got to spend a dozen or so of my formative years in such a lovely "democracy" as it was. Very easy to spot this stuff growing here. Most Americans I talk to say "it'd never happen here, we'd vote them out of office long before that."
Hah... kinda how they voted Lincoln out of office for violating his oath (regardless his views on slavery or the independence of the southern states, he violated an oath he took that had his life as remedy for violation, execution was the price of treason to that oath)... or how they voted Wilson out for taking them into the war despite having gotten elected solely on his promise to "keep us out of the war" ?
My folks came here with me and built a business from scratch, amidst "go back where you came from" idiocies and "they came to take jobs away from Americans" stupidity. Hell we all built businesses as time went on and GAVE jobs to Americans. Many of whom were proven to not deserve them. Some of whom even cost us in the price of citations for their own negligence or laziness. Finding good people was very hard. Eventually we all retired... and I can tell you it wasn't soon enough, IMHO.
Some of the stupidest people I've ever met were here. Provide them with a good job and high pay, and they make fun of your origins or slack off when you're not around. None of them think... "hey, if this foreigner goes out of business, my 17 bucks an hour are out and I go back to the regular payscale of 15 tops! and no chance at a raise!"
So yes, I reserve the right to be quite pissed looking at Americans, as some of the most materially blessed people in history, and some of the stupidest fools to ever have lived. I view the immigrants the same way. All of them were given a nation like no other, codified protection for quite a few important rights. And what do they do? They bring that nanny state shit with them from abroad, and as if they couldn't get it, raise it on a pedestal as if it was not the same damn thing they had fled from just a few years before. Mine were different, but only because they built businesses and learned that government was nobody's friend. Not even the handout seekers. It won't be too long now... one good economical crash, and one loud cry for help from the stupid ones... and down the drain it all goes... clampdown and all. Man it'll be worth watching the stupid finally get theirs, just like I'm sure the Titanic was worth watching sink.
Re:Simple Answer (Score:3, Interesting)
For a good primer on encryption pick up Bruce Scheiner's Applied Cryptography. You can also find a lot of resources online, like wikipeida, though those articles can get a bit technical. I hope that you can learn that encryption can be utilized by almost any competent programmer, and that it is not the program you should distrust, but rather third parties. That is, after all, the heart of encryption, knowing who and what to trust and giving everyone else hell.
I think you need to re-read it. What I took away from the book is that even if the crypto library is perfect, even good programmers are likely to screw up its usage. For example, see the recent Debian SSH mixup. That guy wasn't an idiot, but made a subtle yet completely fatal mistake.
No, I don't trust the program. Unless it's been heavily vetted like GPG (or OpenSSL as you mentioned), I assume that it has a subtle vulnerability that makes it worthless. If you don't feel the same, then I doubt whether you actually read "Applied Cryptography".
Re:this has been the case all along (Score:3, Interesting)
I can send a signed or encrypted email anytime I want from mail, with no extensions. I just have to have my public and private key loaded into it (which I do) and have to have a copy of your public key. Then I just click the padalock. Oh, thank you for the reminder, my key was expired last week, heh.. got another one just now for free. Anyway, now I can click the "sign" badge and sign my email to you even if you don't have any keys. If I have your public key and I receive an email from you, it will show it has been signed by you so I can verify you sent it. If you encrypted it using my public key, only I can decrypt it, and vice versa. You need to have sent me a signed email after getting yourself a key before I can send you anything encrypted.
Whenever someone sends me a signed email, their public key is automatically added to my keychain too. So it's all built-in, and mostly automatic. No plugins or anything else to hassel with. Just download your key, (which installs into your keychain automatically) and relaunch mail and you're done.
The biggest hassel is dealing with Thawte to get a key if I want to sign or encrypt anything. But its free and has come a long ways since I started using it.
Re:this has been the case all along (Score:4, Interesting)
Really, seriously? You must be uber-leet to spout off 20-year-old propaganda about how the NSA can break anything ever -- the easiest way for them to break you crypto is to convince you it's not worthwhile to do in the first place.
Now, it's possible that there is some algorithmic flaw in AES or RSA that the NSA has discovered and no one else has noticed. But neither algorithm is something that some no-name math student slapped together and got published, nor was the NSA even vaguely involved in their development, which is where many of the concerns (and FUD) about DES originated.
And I actually have studied the GPG implementations of both AES and RSA, and verified by hand that their binaries produce the same output as my calculations. I've also studied the primes and nonce selection and padding algorithms and have likewise convinced myself that they are valid. There may be other bugs in the program, but I have satisfied myself that they are not broken in any way that produces known exploits.
Do you have any specific reason to doubt the algorithmic soundness of RSA or AES, to believe that GPG doesn't have valid implementations, or to believe that the NSA or anyone else has the ability to crack either algorithm in a reasonable amount of time without a flaw in the algorithm or implementation?