Domain: hushmail.com
Stories and comments across the archive that link to hushmail.com.
Comments · 106
-
Three words: read the FAQ
From the HushMail FAQ:
Can HushMail protect against keystroke recording?
Hush cannot protect the user against this kind of security threat as our system is designed to ensure secure transmission of data between computers only. If a HushMail user's private computer has been compromised or if they are accessing their HushMail account from the workplace where keystroke recording software is installed, their HushMail passphrase may be accessed by a third party.
To combat keystroke recording software, we suggest you:
* Change your HushMail passphrase regularly
* Choose a secure passphrase
* Update your virus checking software regularly
* Send sensitive communications through your private/home computer -
Re:One word :
-
Website is long gone
But there was a bug in the site's Web mail that was kind of fun, though it was a known security issue rather than a deliberately placed easter egg. Basically, if you used the Web mail to send another Web mail account a Javascript, the Javascript would execute upon opening the mail. I don't know if we ever got around to fixing it, the company was in the process of disintegrating when we finally got the Web mail working and we were planning to replace it with a branded HushMail anyway.
I don't know if this issue has ever shown up in any other Web mail sites, but there has been a CERT advisory about it. If you send a non-malicious Javascript, it is kind of cute. Of course, I'm sure there are malevolent people out there who could use it for nasty stuff.
-
Re:The End User Still Doesn't Care
An easy to use interface and pgp/opengpg compatibility are included in the free email service Hushmail. It does encryption as transparently as I've seen it done. Their tech support sucks for fixing problems because they never respond to queries from their paying members (I hope they're reading this), but other than that, it is a relatively good service.
-
Time to Look for Alternatives
Yahoo used to be a pretty cool mail service, a place to have a permanent email address regardless of where you were at, but that has changed, now they have removed some of the best features pop and forwarding, and you have to put up with ads and spam.
And then they want you to pay through the nose for the pop and forwarding. For 25MB extra storage space I was already paying $30 per year, which should be more than enough to cover their costs for my account.
Fortunately Yahoo is not the only one in this space. Of course, there is hotmail, but unfortunately it's even worse, i.e. spam and only 2mb storage space, so it's better to try something else.
Emailaddresses.com has a list of free web based emails and for a fee emails. I'll probably be switching to Runbox.com which offers 100MB for 3 years for $59, with no ads and a lot more features than yahoo offers for the same price.
hushmail.com might be a good one if you always run IE as your web browser.
I'd be interested to know of any other decent web and pop email service alternatives. -
Companies using PGP (OpenPGP), applications
It took me a while to understand and be able to explain the differences/roles of PGP (the product), OpenPGP (the standard, as PZ renamed it), OpenPGP (the alliance), and NAI (the Empire ? :). I needed a short path through this story for customers and friends who I wanted to start using this, so I prepared a summary on Thawte X.509 certificates and OpenPGP Encryption.
While doing this, I discovered that quite a few companies do support OpenPGP but it's our job to continue this effort in 2 ways:
- Educating others about it
- Participating in development efforts (and this also means bug reporting, translation and documentation, stuff that even I can do!)
For a sample of companies supporting OpenPGP "movement" as Salon calls it, see:
http://www.openpgp.org/members/
It's a shame that the Salon article totally ignored to mention at least two of the easier (although not easiest) ways to use OpenPGP: Enigmail (for Mozilla/Netscape) and WinPT (for Windows/clipboard-based), among others.
They also fail to mention that GnuPG really is the command line application/libraries, and then there's a layer of front end or integration to other products. A thorough visit of GnuPG.org will reveal this.
Finally, for the webmail-oriented crowd, there's also Hush Mail (which is, BTW, a company that PZ joined after leaving NAI). What's so technically difficult about using this ?
-
Re:What difference will it make?
"and the integration with current mail programs sucks! " Think Hushmail. Encryption standard web based email system.
-
ZeroKnowledge
Learning to use the traditional remailer network takes some time and effort. And this time and effort pays off handsomely by providing the user with a highly secure method to communicate privately and anonymously. But many privacy-minded folks (and their ranks are increasing daily!) are looking for an easier and less time-intensive approach. Some are even willing to pay for it. To satisfy this niche there have arrived many new products and services that provide various combinations of anonymous email, newsgroup posting and Web-surfing with varying degrees of anonymity.
I have provided URLs for some of these services below. I have categorized them into two groups: free of charge and fee-based. Noteworthy amongst these is the fee-based Freedom Software by the Montreal-based Zero Knowledge Systems (ZKS). Launched in December 1999, Freedom is a 'privacy system' not unlike the traditional remailer network . It allows users to send email, post to newsgroups, chat and surf the Web in total privacy without having to trust third parties with their personal information. Freedom users create multiple digital identities - "nyms" - with which their online activities are associated. All data packets Freedom users send are encrypted and routed through a global privacy infrastructure called the Freedom Network, which is hosted by participating ISPs and other independent server operators. A 30-day free trial is available.
The package has been criticized <http://cryptome.org/zks-v-tcm.htm> for not being open-source. But that is changing. The source code of the kernel module of the Linux version of Freedom <http://opensource.zeroknowledge.com/> has been released; and the release of the Windows version source code is "coming soon."
Free of Charge
GILC Web-Based Remailer <http://www.gilc.org/speech/anonymous/remailer.html>
Hushmail <http://www.hushmail.com>
Safeweb <http://www.safeweb.com>
Zixmail <http://www.zixmail.com>
Anonymouse <http://anonymouse.is4u.de/>
COTSE <http://www.cotse.com/home.html>
Somebody.net <http://somebody.net/>
ANON.XG.NU's Web-Based Remailer <http://anon.xg.nu/remailer.html>
Chicago <http://xenophon.r0x.net/cgi-bin/mixnews-user.cgi>
Fee-Based
ZKS Freedom <http://www.freedom.net>
SkuzNET's The Internet Mail Network <http://www.theinternet.cc/> <http://www.mailanon.com/>
IDcide <http://www.idcide.com> -
Re:not that many problems
https://www.hushmail.com/ or some other java applet should do the trick. Of course, this is assuming hushmail is not a CIA installation.
Stephan
-
what's wrong with??
what's wrong with hushmail or ziplip??
both are web accessible and secure as long as you talk to others that are also on the same system. hushmail uses a java applet and depending on which version you are using the blowfish algorithm or a PGP spin-off. off the top of my head, I don't recall what ziplip uses.
there are -
Re:Ian Goldberg, Bruce Schneier & Whitfield Di
This is really sad to hear. We have seen too many good, anonymous services go down. It all started with DigiCash and Chaum, a payment system utilizing blind signatures. True(!) anonymous payments. And ZKS also had the right tools at hand to create anonymity. Maybe you will move ahead and do something in the private credential arena. Brands' patents should work fine for that
... Readers interested in some level of anonymity for the masses should check out Hushmail and Zendit for anonymous, encrypted email services. And the other usual suspects like Anonymizer.com (BAH!). Good luck to Zeroknowledge! -
Well, at least there are *options*
For those of you left out in the cold by this, Hushmail provides secure e-mail at a reasonable fee (I forget what I paid) or free accounts. Although if today's message is anything, supporting privacy services with money should be considered if you're going to use the service often!
-
Re:No more epic albums
It's not likely that I'll run to buy W2k right now. But the rock erodes - I was forced to (temporarily) use Internet Explorer to convert my hushmail account to 2.0 protocol (but it now works under linux netscape + java). I don't play games but I miss my UFO: Enemy Unknown nights much and I'm unable to run linux version of the new Wolfenstein etc, etc.
Sometimes I feel this fight is senseless. Accept the red pill and Windows.
Alex -
Ultimate Free Privacy and Freedom
For anonymous email, one can use the following:
ENCRYPTED WEB-BASED MAILSERVER: HushMail, LokMail, ZixIt, ManiacMail
For ANONYMOUS WEB SURFING: Anonymizer, SubDimension, SafeWeb
-
Journalists (and editors)
This isn't a question for Zimmermann, it's a question for anybody who knows. What can you do when, like him, you're misquoted by a journalist?
From the sounds of it, he did everything you could expect someone to do to avoid being misquoted. He emphasized to her he did not feel "overwhelmed with guilt", had her read the article to him over the phone before it was published, and was still misquoted thanks to an editor.
I imagine in certain circumstances you could sue the newspaper for libel, but what else can you do? What are your rights to: 1) not sound like a complete moron, 2) not be quoted out of context, 3) not be misquoted, 4) not have words put in your mouth.
And while we're on the topic, another question for the masses. From what the DoJ and others are doing, I'm getting less and less willing to send my email in plain text. The problem is that my technically unsophisticated friends don't have PGP, and I'm afraid it might be too tough for them. I know I could point them at hushmail (http://www.hushmail.com/), but are there any other good options? Also, what good arguments can I use to convince them it's worth the effort?
Btw, by "technically unsophisticated" I mean one until a couple of months ago was using a 486 and windows 3.1. I can't expect them to switch to Linux yet, but I want to help them find a good way to use pgp.
-
Re:So what ?
I agree with you but Hushmail would be a pretty decent counterpoint to your argument. They built a subset of an e-mail client within an applet.
-
Re:It's either forced compliance or forced lying
It's not lying when you refuse to tell people information that they're not entitled to. It really depends on how strong you believe in your cause. Microsoft has to sell this thing to something and under their terms, you must tell them who you are in order to use the product. This is part of the compensation for their product. In fact it might even be said that this is compensation for the discount incurred over purchasing such products separately. Or, on the other hand if you believe that you will hold on to your name from Microsoft 'til the grave, you obviously believe in that. If such is the case, then giving falsified information is not lying, it is protecting your reasonable expectation of privacy in your mind. To reiterate, if you believe that Microsoft is not entitled to such information, you're not lying. Would you consider putting "NULL" in every field to be lying? You didn't lie. You merely declined comment. And I know the next question is what about an e-mail to register to for login. Go to Hushmail where you can get an email address in the form of autoxxxxx@hushmail.com (xxxxx being a number) generated with you giving no binding information. There are ways to remain relatively anonymous if you really feel the need to do so. Just be creative.
-
The Problem Here is Redundancy
Over the years I have seen many a people brought down by the lack of a job, the stress of downsizing, or deciding that they hated their job and had a great offer but the offer fell through and they already told their boss to go fuck himself (see the first problem, lack of a job.)
In all of these situations, there have been several major problems: Lack of Foresight, and Lack of Redundancy. People spend hours upon hours hardening routing tables and installing IDS sensors into a network, or putting on tripwire and patching the latest overflows, but no one takes the time to harden their own mind. People seem to think that their job will always be there, that maybe - they can go to their boss or a co-worker and explain a problem.
Unfortunately in today's Tech society and in many parts of our society, coming by a company that has as much dedication to its employees as most Geek employees have to their job is something that is few and far in between.
As many of you, I decided to try and get a new job at the wrong time. However now I love my job beyond all belief, but it doesn't pay what I want. So instead of cashing in my chips and getting a new one, I decided to start several small side businesses hoping one or two of them would prosper. All of them require only a little bit of effort and have the potential to develop residual income. If anyone is in need of another opportunity, feel free to contact me at auto222418@hushmail.com, I will respond from a named account just tired of web spiders grabbing my real addresses. In the mean time, you can check out a similar project, http://www.excelir.com/chno and a side project of Mind Hardening at http://www.octanoid.org/hardening/.
Best of luck! People have made it through worse, I know I have and will give advice at any time. -
Re:Rage Against the Machine
> Web based services won't cut sending intraoffice
> mail because the third party (Hushmail) can read
> it, (see Is hushmail secure?) using PGP is the
> safest bet by all means.
In the case of Hushmail, the third party most definitely _can not_ read your email. You can read the Hushmail faq to see how they do this.
The page at the link you gave just bitches about how Hushmail doesn't encrypt messages sent via Hushmail to non-Hushmail recipients or messages received from non-Hushmail senders via Hushmail. This is true, but I felt that the Hushmail web site very adequately explained this.
Not to mention that Hushmail gives you a confirmation message forcing you to OK the fact that your mail won't be encrypted if you have a non-Hushmail recipient!!
-
Have you considered...
-
Re:They should review Hotmails Privacy Statement tor erm... Hushmail if you like working links included in your slashdot posts...
rofl
-
Privacy Business on the rise
Looks like there are more and more businesses getting into the privacy business:
The number of newly registered privacy-related trademarks and patents has risen dramatically in the past few years; they include everything from banking services and computer technologies to window treatments and even an independent software agent ("for protecting consumers' privacy") called Privacy Just Got Cool. Anonymous Web-browsing and e-mailing services are available from companies called Anonymizer, Hushmail, IDcide, PrivacyX, and ZipLip. An outfit called Disappearing has developed an e-mail system that allows users to send messages that permanently unwrite themselves after a previously specified amount of time. Sales of personal paper shredders are up. Personal bodyguards are increasingly in demand. American Express has just unveiled a system called Private Payments, which generates a random, unique card number for each online purchase. A California law firm now offers to prepare something it calls The Privacy Trust, which, it claims, "successfully conceals ownership of bank and brokerage accounts, the family home, rental properties, and interests in other entities." Money may soon begin to be "minted" solely in electronic form, creating "digital cash" that could make credit cards (and the data gathering they make possible) obsolete. There is serious talk of building privacy protection into the infrastructure of the Internet, and of using such protection, paradoxically, to make the flow of information freer than ever before.
The extensive five page article definitely requires the ability to read and understand complex thoughts without the use of pictures. Those who are educationally impaired will not make it through the article, but will be only confused by it.
And the snippet I gave above is only the smallest fraction of the content of the article. It isn't even a primary point. It is just a part of the introduction.
I'm going to have to bookmark this mag, just because it helps exercise my brain cell.
;-)
-
If you don't like Carnivore/DCS1000
...use pgp, or hushmail...
Pretty simple really. Technical, logical solution to a political problem. -
Thought control?
We don't stop people from offering anonymous email now! (Hushmail, and to a lesser extent, Hotmail are some examples.)
There really is no way to keep knowledge of tacnuke construction and the like a secret. Look at what the credit card companies tried to do with magstrip encoding; now any determined young post-h4x0[Z kid can encode their very own Visa, and the tech to make the physical card has been out since the 80s.
Probably, the only effective way of keeping these sort of things under control is to either restrict the materials or strike somewhere else entirely, such as with heavier penalties for child porn and the like. Just a suggestion, given the fact that the current system fails by your definition of success.
-
Hushmail, hushmail, hushmail.
The subject says it all. I've never received any spam in the year and a half I've had my account, and it uses https and java to set up a secure tunnel from end to end (none of the Yahoo pseudo-secure stuff). It's a little slower, since it is somewhat java based, but I think it would fit your needs perfectly.
You can find it at Hushmail.com . -
portability, GUIs, fast development, native code
Really? Is Java 2 even available for FreeBSD yet?
Zooko goes to check.
Looks to me like it is still in beta. I strongly doubt that we would have more platforms if we had used Java.
This is not even counting the fact that we developed faster in Python than we would have in Java (I say this based on spending one year working full-time on a Java app and getting basically nothing shippable, and then spending one year working in Python and getting, well, Mojo Nation.) (Not, obviously, that I wrote Mojo Nation all by myself, but the point remains that I've seen Python apps come together way faster than Java apps.)
And this isn't counting the fact that the standard libraries that we used are in C/C++ and are very mature and widely supported than their Java equivalents. Don't get me wrong, I love Cryptix, not only because it was founded by some friends of mine, but because it enables cool tricks like hushmail , but it would've been dog slow to do our crypto in pure Java. The crypto library we use, Wei Dai's Crypto++ is about as fast as can possibly be (including hand-optimized assembly inner loops, if you are on x86). I know you can marry Java app code to native code (and I have done so, way back in the dark ages of Java 1), but the culture of Java frowns on this, whereas the culture of Python has fully embraced native-code integration from day one. Perhaps as a consequence of this, it seems easier to do in Python.
As to your comments about UI, I have to defer to your authority as a user. Personally, I like the HTML UI, and I would much rather have an HTML UI than an actual widget UI, but apparently most users in this world disagree, so you are right -- we should provide the latter.
To bring this conversation back to the topic at hand, has this argument been productive or destructive? I think that it has been useful to talk about the actual features offered by different languages / tools. It is good for programmers to learn from the experience of others. I do not think that Python is Good and Java is Bad. Java has several good features, such as integration with current browsers (allowing cool tricks like hushmail) and possibly good cross-platform UI (although I don't personally know how Swing compares to wxPython), and it has a security model that allows untrusted code, but cross-platform availability and rapid development are not among Java's strengths.
Regards,
Zooko
-
Why the fuss? I've had hushmail for months.
I personally am a fanboy of this service, which can be found at http://www.hushmail.com, so you may want to take my comments with a grain of salt. However, I must say that I have found Hushmail to be a superior email service.
1. The service is free, unlike some solutions that offer encrypted mail.
2. You can choose a user name, and supply a very small amount of personal information (mainly first and last name), OR you can create an anon######@hushmail.com account and supply NO personal information.
3. You check your mail through a java applet that encrypts traffic to and from their servers.
4. You can select a passphrase of arbitrary length. I think mine is 40 or 50 characters.
5. Your inbox on their servers is encrypted. If your inbox is ever subject to subpoena, Hushmail will happily supply the legal authorities with unintelligible, heavily encrypted junk. Drawback: if you forget your passphrase, there is no way to recover your account.
6. If you send an email to another Hushmail user, your message is never converted into plain text; it goes encrypted straight from your Java applet to their inbox.
The one issue I feel Hushmail still needs to address is PGP integration. If you receive a PGP encrypted message in your Hushmail, you have to copy the text and paste it into Notepad to decrypt it, and if you send a message to a user that is not on Hushmail, there is no choice but to send it in plaintext. However, this issue has been acknowledged, and will be addressed in a future service upgrade.
All around I'm happy with Hushmail, and I wouldn't hesitate to recommend it to the Slashdot community.
-inq
-
the SSL alternative: Hushmail
Hushmail, at www.hushmail.com, has 128 bit SSL uploads and downloads of both text and MIME parts. The Hushmail computers are located in Canada and the company is based in Trinidad, I believe, so they would be far less susceptible to an FBI search than Yahoo would. When you send e-mail to another Hushmail account, it is kept in encrypted form. It's really pretty slick. If you want to try it out, send me e-mail at beulah@hushmail.com, preferably from another hushmail account.
-
Not so good really
It's not secure at all - you could easily trace illegal emails by a court order taken out on Yahoo!.
Hushmail or no-id's anonymous remailer, preferably accessed via anonymous proxy server is better -
or...
you could try this
Seriously, all you really need is to be able to open a secure connection (SSH, https, is there a secure SMTP?) to some server, and use that to send SMTP signals (or whatever). Why go for simple hacks, when you can have pure, perfict, unbreakable security? -
Hushmail
If you want the kind of mail security people drool over, use HushMail. Encrypted end-to-end with other HushMail users. Encrypted end-to-end with your browser via a java applet.
-
Re:Mailvault?
HushMail
They use Java applets and do not rely on browser encryption.
So, 1,024-bit keys protect HushMail users. The public and private keys of Hush users are both stored on the Hush servers. However, before the private key is stored on the Hush servers, the private key is first encrypted on the individual user's machine by his or her passphrase, so even HushMail employees cannot access user passphrases.
-
HUSHMAIL
For secure (and free) email that seems pretty reliable to me, you can't beat Hushmail.
Good stuff - strong encryption all the way baby!
Now where's my tempest-foiling encrypted X display?
;) -
hushmail.com for secure web based email
Sorry to be posting such a blatant ad, but I've begun to use hushmail.com for just this reason. It's web based, but done in a java applet, so that every byte that travels over my employer's LAN is strongly encrypted. Nervous folks in the UK may find it useful. Hushmail
-
when in doubt encrypt
Cut the cackle, open an account with HushMail.
-
hushmail
This is why anyone concerned with privacy shouldn't use hotmail, they should use hushmail.
According to the website, hushmail is "the world's first, secure end-to-end, free, Web-based email service." I haven't used it myself, but I've seen testimonials from happy users both here on slashdot and on other sites.
Email is read and sent via a Java applet that ensures it is encrypted before even being sent to a company proxy, so your boss can't intercept the plain text going over the connect, as is the problem with hotmail, icq, et al.
Besides, doesn't 1024-bit encrypted email make you drool?
-
Suggestion
You can use Hushmail for free which will encrypt your web-based-email-usage.
-
Use hushmail
HushMail.com uses strong encryption end to end. It's the strongest web based email that I know of...
-
Re:encryption
-
Hushmail had this a long time ago.
Hushmail has had secure, encrypted email for a long time now. It uses a Java applet to do the encryption in your browser, without having to download and install any application. The Java source is available for everyone to check for security holes. Hushmail never actually sees your private key. It looks pretty secure, overall - it's been around for a couple of years and I haven't heard of any holes in it.
Bruce Schneier has even reviewed it. He has some problems with it, but there's no glaring security holes. Still, you're probably better off with GPG, storing your private key yourself.
So SafeMessage is nothing new. Of course, the more the merrier. Everyone should use encryption all the time, and competition is a good thing.
Torrey Hoffman (Azog) -
Anonymous resources
Hey,
I'm not going to talk about the ethical arguments and/or benefits of not publishing subversively, just give you my ideas:
1) Usenet - Post anonymously, using a chain of remailers. Some info Here.
2) E-mail - Sign up for an account that won't be logged or tracked, like Hushmail
3) Access - Floppy disk and public-access PC, like in a library.
4) More - You could try Crowds.
5) More - Take a look at The EFGA Anonymity page
Michael
...another comment from Michael Tandy.
-
50 ways to move your mail (couldn't resist...
The problem is all inside your head, he said to me
The answer is easy, if you see it logically
I'd like to help you in your struggle for privacy
there must be
50 ways to move your email
Get Yahoo, stu...
or Hotmail, Gail..
there's freeshell, Del,
Just listen to me
go get Hush, Gus,
we don't need to discuss much
and get PGP, Lee
and set yourself free
(I don't want to slashdot freeshell, but if you look hard enough, you can find them) -
The Wintel Myth
Having been for a long while a silent monitor of Slashdot, I have been moved to verbosity by this article and the posts it has provoked. Some of the comments I have witnessed are balanced, others are the voices of evangelists, yet others merely follow the general tide, which is naturally just what is meant by "Know thyself". Although many may come to miss the sound of my silence, here is my voice. Having some knowledge of both organizations, I state: Wintel is a mythological entity. Intel does not allow the use of the word in any of its documents except to say: "No such architecture". And think of Microsoft. If even Linux runs on Alphas, Is it logical to believe that an enterprise like Microsoft wishes to be tied to a single processor vendor? Is not their new .NET vision a direct challenge to that notion? Did not Intel's testimony at the Microsoft anti-trust hearings demonstrate strains that have always existed between the companies? Intel has known since the middle of the 20th century's closing decade that it was on a collision course with Microsoft. A small consequence of this knowledge came to our attention when Intel demonstrated a home-grown, 64-bit Linux variant on its IA-64 architecture. Has not Intel also established a foundation for developing an independent 64-bit Linux version for its upcoming launch? Does anyone doubt that they develop their own operating systems for testing their new architectures? Both Intel and Microsoft are in business for one reason: to make money. This is the motivating factor for all businesses, Is it not? Even those that sell Linux. It follows that neither Intel nor Microsoft wish to have business channels sealed off by mutual exclusivity. Intel has always wanted to make it very clear that Microsoft is tied to their architecture, not vice versa. And you can bet that Microsoft has the same attitude. So, is this action a gauntlet thrown at the feet of Intel by Microsoft? Not really; the challenge has existed for some time. Will this action precipitate the fall of either or both companies? No. The coffers of both companies overflow, much to the chagrin of some zealots. Some words of advice to these: Beware that your dogmatic hatred of an organization does not become a dogmatic preference for others who, under that sheep's skin, are of the same wolf pack. [ t h e D e v D u d e ] || mail -
Hushmail security
The following is not professional advice. I have not done an audit of Hushmail; I've looked at their code a little bit, along with how they handle messages and encryption.
My impression is that there are some flaws in the design--lack of a security audit, lack of choice in ciphers, possibility of Trojaning, dependence on your browser handling HTTPS properly, etc.--but all in all, Hushmail (click here) seems to be the best option out there right now for secure Web-based email.
I've used Hushmail in the past for email communications with my attorney (she's too tech-naive to use PGP properly, but she understands "if I send him email at his Hushmail account from my Hushmail account, then I'm doing my part to keep attorney-client privilege secure").
I've got to say that I feel safer with PGP/GPG, but Hushmail is a hell of a lot better than most of the snake-oil that's sold out there.
I'm not saying Hushmail is good; I can't say that, given that I haven't done any hardcore analysis of it. I'm only saying that, based on my experience with it and based on what I've reviewed of their setup and policies, Hushmail seems to be the most clued-in of all the current secure Webmails. -
Re:Encrypted Mail
This story seems to believe that encryption is the answer to all your privacy problems.
If you have been following the progress of the RIP bill you will know that failure to hand over your encryption key leaves you in the position that you must prove you NEVER KNEW IT. Seeing as this is probably impossible, you will face the mandatory jail sentence or up to two years. Very draconian.
Does anyone have any comments on the security of services like hushmail? -
Re:Encryption is not the answer.
Hotmail is laughably insecure; I believe it was Hushmail to which you meant to refer.
First, I'm a fan of Hushmail. I think they do a moderately good job (as opposed to some of the clowns in the field), and Genevieve is a sweetheart. That's well and good for them, but the problems with browser-based secure email are still substantial.
1. No code review. Hushmail's code is available for review, but as of this writing it hasn't been security-audited by a respected infosec house. There is no security without a security audit. [*]
2. Susceptibility to Trojans. Okay, so they have a certificate from an appropriate CA... how many people actually check the certificate for authenticity?
3. Complexity. Believe it or not, a lot of people can't understand that "if you send email from a Hushmail account to another Hushmail account, it's delivered securely; otherwise, you take your chances". I've had people send sensitive information to my Hushmail account (here) from a Hotmail account, believing that the Hushmail address was some magic pixie dust that made everything secure.
4. Distinguishability. There are certain "secure" email services which get laughed at, lots, by people in the security field. There are other services which get careful and qualified respect. By and large, the userbase is oblivious to this; they make their decisions based on marketing. There are some services I've seen advertised in national news magazines which make themselves out to be superhumanly secure--and then, in the fine print, mention that "oh, by the by, we escrow your keys just in case". It is extremely difficult for an average consumer to make an even mildly informed decision as to which services to patronize.
... None of these problems are Hushmail-specific; they plague all of the browser-based email providers, some moreso than others. While I wholeheartedly agree that browser-based email services can provide a simpler, more secure way to send mail, they're just an evolutionary step towards where we need to go--they aren't a panacea.
[*] Unfortunately, the reverse isn't true--just because a product has passed a security audit doesn't mean it's secure. -
HushMail - secure e-mail
No one's mentioned this yet, so I will. HushMail is very cool. Web/Java-based, highly encrypted (1024 bits between HushMail boxes, IIRC), and reliable.
-
Re:Secure Communications
I wonder if providing free encryption based web mail services would be something
You mean like HushMail?
-
Re:Secure Communications
Such a thing already exists.
HushMail