Slashdot Mirror

← Back to Stories (view on slashdot.org)

Secure Webmail Providers?

Posted by Cliff on from the a-little-paranoia-is-a-healthy-thing dept.

Rainier Wolfecastle asks: "I am looking for information on any webmail providers that support PGP/GnuPG encryption. Up until now I have been using Lok Technology's excellent service, but it appears that they have gone out of business, since their site has been unreachable for over two weeks now. I am aware of Hushmail, but that doesn't work well under Linux. I am considering using Name.Space's LokMail service (based on Lok Technology's..er...technology) but I was wondering if anyone out there has any other suggestions. Free email is coming to an end, and if I'm going to pay for it (which I don't mind at all) then I want a decent product."

56 comments

  1. What's the point... by lightspawn · · Score: 1

    when the server-to-server communication is plaintext?

    1. Re:What's the point... by crow · · Score: 5, Informative

      The server-to-server communication is not in plaintext if you use PGP or GPG. Of course, the headers are, so an observer can see who you're talking to, just not what they're saying.

    2. Re:What's the point... by lightspawn · · Score: 1

      Hey... how can the parent comment be "overrated" if it hasn't been moderated by anybody else? Comments should not be allowed to be moderated as "overrated" or "underrated" unless they've been rated something else first.

      Unless I have been overrated personally?

    3. Re:What's the point... by Anonymous Coward · · Score: 0

      Using the +1 Bonus basically is moderating yourself. The moderator (rightfully) thought that was a crappy moderation and took action.

      Don't post stupid stuff with the +1 Bonus and you'll be okay.

    4. Re:What's the point... by JohnFluxx · · Score: 1

      some of us have an option of adding 1 to our posts - doing this might count for being allowed to have an overrated moderation.
      I posted this at score 3 for an example.

    5. Re:What's the point... by Anonymous Coward · · Score: 0

      Hey- some posts are so dumb that even 1 point is "overrated" in my book...

    6. Re:What's the point... by Anonymous Coward · · Score: 0

      I posted this at score 3 for an example.

      No you didn't you idiot. You can only post at +2. If you're +3 it's because you get an extra point for being yourself or something. Or maybe you made yourself your own friend, (probably sexually).

    7. Re:What's the point... by Twirlip+of+the+Mists · · Score: 4, Insightful

      Hey... how can the parent comment be "overrated" if it hasn't been moderated by anybody else?

      Because while you can moderate up for being informative or insightful, you can't (at present) moderate down for being dumb or wrong. As long as the down-mod options are limited to troll, off-topic, flamebait, and overrated, expect to see comments that are just plain stupid moderated "overrated."

      Seems to me that if there's a "+1, Informative," there ought to be a "-1, Misinformative."

      --

      I write in my journal
    8. Re:What's the point... by anthony_dipierro · · Score: 2

      It's a bug in the Slashdot code. CmdrTaco has said so in a Journal entry, but I can't find it.

  2. Of course you've already thought of this... by MacAndrew · · Score: 1, Redundant

    ...but there is no lack of providers.

    I would be interested in this, also, thank you for asking.

  3. Hushmail? by penguin_punk · · Score: 4, Informative

    Hushmail was the first and obvious choice when I read the headline, but you mentioned that it doesn't work well under linux??? What's up with that? I believe it uses java. (to lazy to check) Do you not know how to install the java plugin under mozilla/netscape/konqueror?

    --
    HURD - Hurd's Under Research & Development
    1. Re:Hushmail? by Anonymous Coward · · Score: 1, Informative

      A couple of points:

      1) Please mod the parent down. It is the opposite of informative.

      2) Hushmail is only supported on IE under Windows. Yes, the client is a Java applet, but it's "MS-Java". The applet doesn't work under Linux or Mac OS X. I haven't tried it under Mac OS 8.x or 9.x, but I'm not exactly optimistic.

    2. Re:Hushmail? by Anonymous Coward · · Score: 0

      Hushmail works great With IE, Mozilla and Netscape 4.7x / 7.x for Win32, and Netscape 4.7x / Mozilla 1.x on Linux/Unix--at least that I use for myself. It apparently doesn't work on Mac due to some broken Java crypto stuff...

    3. Re:Hushmail? by Anonymous Coward · · Score: 0

      Hushmail is only officially support under Windows, but it works perfectly fine under linux using Mozilla and sun's jre 1.4.1_01. It will NOT work using sun's v1.3 jre.

      It also works fine on Mozilla under Windows using sun's jre v1.4.1_01

    4. Re:Hushmail? by uffe77 · · Score: 1

      From the FAQ:
      "Will HushMail run on my Macintosh(TM) computer?
      Regrettably, HushMail does not work on "Macs". This is due to problems with the way Java works in browsers availablefor the Macintosh. We are hoping that future web browsers for Macintoshwill resolve these problems."

      Well, I never give up without a try. But with Mozilla 1.1 under MacOS 9.2.2 I was NOT able to set up an account. Time to set up that Linux partition...

      - Uffe

  4. Hushmail in linux by rocketfairy · · Score: 5, Informative

    Hushmail works fine for me in linux; it runs on java, so you need a browser (Mozilla works swimmingly) and a working virtual machine. Grab the latest one from Sun, make sure there's a link to it in the mox plugins dir. If it keeps breaking, try making the account on a windoze machine, and then accessing it in linux -- that worked for me the 1st time when my jvm was crashy.

    Oh, and remember -- hush security is only as good as your passphrase. Diceware!

  5. try these by Anonymous Coward · · Score: 0

    I suggest you use hotmail or yahoo! mail. Just give them a fake name/city/zip etc.

    It's very secure.

  6. Problems with Encrypted Webmail by pete-classic · · Score: 5, Interesting

    Encrypted webmail is a tricky issue. In the final analysis you basically have to use a passphrase that is so good that you don't mind having your (encrypted) private key publicly available.

    Consider that the webserver admin(s) will have access to the encrypted private key. Also consider that the webserver (process) has read access to the key. The upshot is that if anyone gets root access to the box, gets a shell under the webserver's UID, or convinces the webserver to serve up a file that it is supposed to have read access to, the only thing between your private key and an attacker is your passphrase.

    I find all this unsettling to the point of believing that it can't be safely done.

    If anyone knows any better, please fill me in.

    -Peter

    1. Re:Problems with Encrypted Webmail by ehetzner · · Score: 2, Interesting

      You're correct, but I don't think that it necessarily has to be that much of a problem, if it is made clear that the passphrase for your key is far more important than most others. You would have to ask people to remember a long, randomly choosen passphrase. Do not give them a choice. If you get 128 bits of random data, turn it into radix 64, thats a 22 letter passphrase (upper & lowercase, plus 2 other characters). Now, perhaps not everybody could memorize that, but even if it were written down & kept secure, it would keep most people's key reasonably secure.

      Another solution could be to have 128 bit (22 character) key that is again encrypted by a memorized passpharse. The user could write down the key, but even if this were compromised, it would still be at least secure for long enough to generate anohter key (not public/private key) & passphrase.

    2. Re:Problems with Encrypted Webmail by pete-classic · · Score: 3, Interesting

      Are you serious?

      I can barely remember my phone number. It is only 10 digits, and the first three are a gimme. I'm supposed to remember "iDclyWnIxwaJcSOWNLcj" or some junk?

      And this has no real impact on the trust issue. What prevents the webserver admin from having the webmail software log all incoming passphrases?

      I harp on this becasue if I can trust my mail admin (and you trust yours) half the battle is already won.

      -Peter

    3. Re:Problems with Encrypted Webmail by photon317 · · Score: 4, Insightful


      It's worse than that. If they root the webmail server (or a little more difficult if they just get the webserver UID), they can read the SSL traffic, including your passphrase. In short the only way to have securely encrypted email is to store the private key on your own private local machine - a webmail service simply cannot gaurantee you jack.

      --
      11*43+456^2
    4. Re:Problems with Encrypted Webmail by anthony_dipierro · · Score: 2, Interesting

      Not if the passphrase is only given to the java applet. Of course that's only useful if the java signing key is on a separate computer, and you've code reviewed the source code of the applet yourself before signing it.

    5. Re:Problems with Encrypted Webmail by ehetzner · · Score: 2, Interesting

      Yes, I'm serious. Have a java applet which does enccryption on the client computer. This is what hushmail does.



      If you read my post, you'd realize that I suggested that a person could write down their key. I myself don't consider this much of a problem if you keep it secure on your person. Or if the key one writes down is encrypted with a passphrase which could be memorized.

    6. Re:Problems with Encrypted Webmail by Anonymous Coward · · Score: 0

      Eeeeeeet Pee PEE!

      Whiney Bitch!

    7. Re:Problems with Encrypted Webmail by Anonymous Coward · · Score: 0

      I can guaranty that you cannot spell for shit.

    8. Re:Problems with Encrypted Webmail by photon317 · · Score: 2


      Fucktard spelling nazi. Websters recognizes "guarantee" as well as "guaranty", which means in my typing haste I swapped the initual "ua" to "au", not a bad mistake at all, especially seeing as I don't give a shit about small grammar and spelling mistakes (see my journal). It has been my experience that the "ee" ending is used more commonly in the US. And don't bitch at me for being US-centric either, there's a US-centric population here, get used to it.

      --
      11*43+456^2
    9. Re:Problems with Encrypted Webmail by Anonymous Coward · · Score: 0

      How dare you call me a nazi, the nazis killed much of my family in ww2 you insensitive fuck.

      I am from Canada, up here we spell correctly. Get an education you tool.

    10. Re:Problems with Encrypted Webmail by Anonymous Coward · · Score: 0

      The webserver actually does not have access to the keys. The applet communicates with the keyserver to retrieve that information thus bypassing the web servers completely. Also the admin(s) do not have any way of linking a private key to a user account. The private keys are stored via a SHA1 hash index. Another reason if you lose your passphrase you are completely hooped.

      Their FAQ has a fair amount of technical information on how it all works.

    11. Re:Problems with Encrypted Webmail by Anonymous Coward · · Score: 0

      Misinformation sucks doesnt it. Have you even used HushMail or looked at the source code which is available for review. The applet *never* sends the passphrase at any point. The passphrase is used to generate the SHA1 index key to retrieve your private key and encrypted imap credentials. Which are then decrypted locally.

      Having access to the web server will gain you nothing accept access to intercept unencrypted email when it gets sent back to the client.

  7. Web mail with i18n support - any? by bertilow · · Score: 2, Interesting

    Going slightly off-topic here:

    Has anyone found any web mail service that handles texts in various character encodings - notably Unicode - correctly (or at all)?

    I'm really amazed how badly Hotmail et.al. handle i18n. Any message is treated as if it's in "iso-8859-1" (Latin 1, Western), and all information about the actual character encoding is just stripped off.

    Correctly would of course also mean "without using HTML in e-mail messages".

    1. Re:Web mail with i18n support - any? by pete-classic · · Score: 5, Informative

      SquirrelMail has handled this for years.

      It is totally paranoid about HTML email.

      Even comes with a bunch of translations.

      So, either set up your own mailserver (like a real man!) or find a provider that uses SquirrelMail. I use Fairplay Communications here in Colorado. They rock, and provide SquirrelMail. (And the only affiliation I have with them is that I am a paying customer.)

      SquirrelMail is where it's at. (But I am a little biased ;-)

      -Peter

    2. Re:Web mail with i18n support - any? by bertilow · · Score: 1
      SquirrelMail [squirrelmail.org] has handled this [squirrelmail.org] for years.

      Thanks for the tip! I'll check it out.

      I did however get a little suspicious when I found the following page:

      http://www.squirrelmail.org/wiki/en_US/SquirrelMai lRequirements

      The character encoding is a total mess on that page. Maybe it's the Wiki's fault. I've seen that kind of mess on Wiki pages before.

    3. Re:Web mail with i18n support - any? by pete-classic · · Score: 2

      Hrm. The encoding in SM works. I don't know what "brand" the wiki is, but I'll report that page on the list . . .

      Have no fear about SM itself, though. I believe that well over half of the SM installations out there are non-english. XS4All.nl was the "biggest" user for a long time, probably still is.

      -Peter

    4. Re:Web mail with i18n support - any? by bertilow · · Score: 1
      Have no fear about SM itself, though. I believe that well over half of the SM installations out there are non-english. XS4All.nl was the "biggest" user for a long time, probably still is.

      OK. I have no fear...

      But I did find an entry in the wish list, that UTF-8 support should be added in the future:

      http://www.squirrelmail.org/wiki/en_US/WishList

      So, is there Unicode support, or not, in SM?

    5. Re:Web mail with i18n support - any? by pete-classic · · Score: 2

      Bear in mind that it is a wiki . . .

      I don't know all the subtleties of using non-US character sets . . . but there has been a "i18n guy" making SM work with all sorts of languages for a long time.

      The only thing that was outstanding when I last checked (which was a while ago) was multi-byte character sets. I don't know what the status is on those.

      So, does it work with UTF-8? I'm not completely sure, because I'm not completely sure I'd recognize UTF-8 if I saw him on the street. But it does work with all sorts of extended western character sets, Cyrillic, and several single-byte Asian sets, whatever that means.

      Subscribe to the mailing list, or even go out on a limb and install it!

      -Peter

  8. No, that would be stupid... by anthony_dipierro · · Score: 4, Informative

    Webmail is for roaming. If you're roaming, then you don't trust the client. PGP is useless if you don't trust the client.

    And don't say signed java applets 'cause (1) if you trust the provider's signature then just use https (I'll give you an account at inbox.org) and (2) if you don't trust the computer then you can't store your private key.

  9. What's the point... by Anonymous Coward · · Score: 0

    when the video display to the eye communication is plaintext?

  10. Not just that by 0x0d0a · · Score: 2

    But inexplicably, "overrated" and "underrated" are apparently immune to metamoderation (according to a friend who *hasn't* had their moderation and metamoderation privs stripped from them by Taco's bloodthirsty cabal).

    I strongly agree with "Misinformative", though I think I'd change it to "Incorrect", since "Misinformative" implies an attempt to deliberately spread misinformation (like the insidious Professor Collins, for instance). "Misinformative" has a time and a place, but perhaps not serving the place of a term that simply means "wrong".

    --
    May we never see th
    1. Re:Not just that by Twirlip+of+the+Mists · · Score: 2

      immune to metamoderation

      I wouldn't know. I haven't been asked to metamoderate since I started using this new account. I posted under a previous account for a few years, but grew sick of the user name and haven't been invited to participate in either form of moderation since. I have no idea if I'm deliberately being excluded, or if I'm just still in that "new user" phase. Don't know if there's any way to find out, either.

      I strongly agree with "Misinformative", though I think I'd change it to "Incorrect", since "Misinformative" implies an attempt to deliberately spread misinformation

      Yeah, you've got a point, but I'm not sure "incorrect" covers it either. I'd like a moderation that I could assign (in theory, if I ever were to get mod points again) to posts that are (1) wrong or (b) moot. Because sometimes a post can be technically correct, but wrong anyway because it doesn't apply to the situation at hand. The post that spawned this thread qualifies thus: it's true (transport-layer encryption [such as SSL] is less useful if other segments of the message path are unencrypted), but it doesn't apply to this discussion (we're not talking about transport-layer encryption, but rather message-layer encryption).

      I don't know what the right answer is, but I do know that Troll, Offtopic, Redundant, and Flamebait don't apply.

      --

      I write in my journal
    2. Re:Not just that by Anonymous Coward · · Score: 0

      >according to a friend who *hasn't* had their moderation and metamoderation privs stripped from them by Taco's bloodthirsty cabal

      There's a reason for that -- people who abuse moderation get their privs removed. Why permanently? Because it's a free site, and the people running it simply have better things to do than hear monthly complaints about dumbassess.

      After being stalked by a crazy slash-user, I'd say it's a good thing, too.

  11. Replying to my own question by Rainier+Wolfecastle · · Score: 1

    The reason I stated that I don't want to use Hushmail is precisely because of the need for Java. The reason I want webmail is so that I can access it from anywhere, and I don't want to have to rely on the presence of Java on the machine I happen to be using.

    On a side not, I got an email from the CTO of Lok Technology today, and it appears that they will be back up by the end of the week.

    1. Re:Replying to my own question by anthony_dipierro · · Score: 2

      The reason I stated that I don't want to use Hushmail is precisely because of the need for Java. The reason I want webmail is so that I can access it from anywhere, and I don't want to have to rely on the presence of Java on the machine I happen to be using.

      If you don't use java then you have to provide your webmail provider with your private key. That's not a smart idea.

    2. Re:Replying to my own question by Rainier+Wolfecastle · · Score: 1

      At Lok, which I was using, the private key is generated and stored on the server at sign-up, using hints that make sure that you provide a decent passphrase. Neither the email account password nor the GPG passphrase are stored by the company. They specifically tell you not to be a dumbass and forget it, because they can't get you back in if you do.

      Also, there is a login history available (logs time and IP address) that you can use to make sure that no one else has accessed your account.

    3. Re:Replying to my own question by ehetzner · · Score: 1

      But if the company does not use java, then you are sending the PGP passphrase to them to use each time you read your encrypted mail. So there is the possibility of it being compromised. I know it is somewhat paranoid, & if you trust the company, fine. But if you don't, or if you fear they may be compromised, it's not very helful.

  12. IMP by Etyenne · · Score: 2

    It's a software, not a service but just in case you would be interested in running your own server, I would mention that IMP have PGP/GPG support (at least, the CVS HEAD does).

    --
    :wq
  13. You are correct. by Blacklist+Blacklist · · Score: 0

    Here, you are correct. In your journal, you are not.

    --

    Fight the Troll Blacklist
    1. Re:You are correct. by Anonymous Coward · · Score: 0
      i used to think rob malda was queen of the faries. Now, i see Troll Blacklist is.


      In honor of egg troll:


      Gripes about Slashdot:

      - posters that spell Microsoft with a $ or spell it MicroCrap or something.
      - posters that glorify a feature that Linux has that BSD or Solaris as had for years, and list this reason as the most important reason to switch over
      - posters that say Slackware is better because "you have to compile all of the applications for yourself"
      - Rob Malda's arrogance
      - frequent spelling and grammar mistakes. I'm not talking something really obscure or a minor technicallity in English, either. I'm talking substituting "loose" for "lose" or "they're"/"their"/"there". Really easily corrected mistakes. Any halfway decent fifth grader could pick up on these errors.
      - people that post a mirror to a site that has been Slashdotted, which normally would be nice, but is hosted on a cable modem that is soon Slashdotted
      - page widening
      - random quashing of posts that don't agree with the Slashdot mindset.
      - really annoying sigs
      - unhumorous jokes that have to be "explained" to the audience. If your joke has to be explained, it's not funny.
      - "BOYCOTT RIAA" and "I can't wait to see Episode II!" all in the same day.
      - Rob Malda's childish obsession with legos.
      - the Slashdot crew doesn't have any other jobs other than Slashdot, yet it seems it was better run when Rob was running it on a Multia in college in his spare time.
      - the "page limit" with the subscription.
      - The expulsion of Signal 11.
      - ranting, paranoid articles whenever there APPEARS to be a GPL violation, with no verification whatsoever. Just a bunch of ranting posts about freedom.
      - for that matter, no verification of articles at all. I wish I could count the number of times Slashdot's been scammed on two hands, but it's been so many.
      - April Fool's articles on Slashdot. THESE AREN'T FUNNY. I wasn't going to explain, but whatever. Okay, let's say you run a website. On April Fool's, you post, say, ONE or TWO fake pieces of news along with the real news. This way, some people are fooled. By posting ALL fake news and "jokes", no one falls for the prank.
      - no one buys Loki's games, but there is a big mystery when they go out of business.
      - no NNTP frontend to Slashdot.
      - direct links to bugzilla
      - continuing tightening of the "troll filters" to the point where even normal posts are rejected by some stupid criteria
      - self righteous posters who want everything under the sun to be Open Source, even though they have never written a line of code in their life
      - whenever an article on a new scripting language is posted, all of the C users chime in "but it's not as fast as C". shortly after, all the assembly users chime in "assembly is the fastest". predictably, right after that, someone says "why don't we all just use machine code?"
      - anecdotes on your grandmother using Linux to check her email and whatnot. this ALONE proves that Linux is better than Windows for ALL uses.
      - cult-like devotion to Linux. reserve your fanaticism for a church, not a kernel.
      - someone is not less of a person if they don't use Unix.
      - posters who think that BeOS is having "a bad moment" and will surely rise to defeat all other operating systems
      - posters who think Palm will open the source to BeOS for no reason at all
      - people who think that Amiga isn't dead. The new virtual Amiga doesn't count.
      - people who think that OS/2 isn't dead. 'Ecomstation' doesn't count.
      - people who bemoan the loss of OS/2 while thinking it was a big conspiracy, completely IGNORING the fact that IBM did not advertise. we all KNOW OS/2 was technically superior to Windows at the time. You don't have to bedazzle us with tales of "running all the latest Windows and DOS applications aside native OS/2 apps". We've heard it all before. We know it WAS better.
      - people who think that this is the last year ever we'll ever have to hire C++ programmers, because as we all know, Java is going to "kill it off"
      - this is a good one. Completely expositionary articles such as "Surprised by Weath" in which ESR BRAGGED about how rich he was and how he wasn't going to give us any money. NO SIR.
      - bitchslapping
      - benchmarks that pit, say, Linux (lastest revision) against FreeBSD 3.0 or something old and useless.
      - how banner ads for the site only link to other OSDN sites
      - any links to nytimes.com
      - when someone writes a comment with ^H to signify deletions
      - the moderation $rtbl
      - meta moderation
      - people that spell Red Hat as "RedCrap"

  14. Novell to the rescue... by rainmanjag · · Score: 2

    Granted all of the problems stated with PGP over webmail, I'll pitch Novell's webmail service myrealbox.com... they're running a free implementation of their latest directory service to test and debug in a production like environment... no banner ads... web access over SSL... IMAP, POP, and SMTP access over SSL... so I use Evolution as my local client on my desktop... and when I'm away from my desktop, I read (and only in an emergency respond) to my email using the web interface...

    Only downside is occasional downage for software and hardware upgrades...

    -jag

    --
    http://starboard.flowtheory.net/
    1. Re:Novell to the rescue... by flowerbear · · Score: 1

      of course myrealbox.com is no longer accepting new accounts.

      --
      flowerbear adrift on a sea of confusion since 1958 flowerbear@phreaker.net FORTRAN programers don't eat quiche!!
    2. Re:Novell to the rescue... by rainmanjag · · Score: 1

      Really? Wow. That sucks. Since when?

      -jag

      --
      http://starboard.flowtheory.net/
  15. My solution by cos(0) · · Score: 1

    I have an SSH server set up on my DSL-connected Linux machine and pay for FastMail.fm e-mail that offers IMAP. When I want to manage my e-mail, I log on to my server from wherever I am using PuTTY (I changed the SSH port to something that most firewalls allow), and run Mutt.

    I have it set up to use GPG for automatic signing -- all I do is type up an e-mail, press the send key, enter my GPG passphrase at the prompt (which is 35 alphanumeric chars,), and press Enter. My e-mail gets signed and mailed. When I receive a PGP-encrypted/signed mail, Mutt automatically decrypts it for me, again using my passphrase.

    It's very convenient (setting it up is the hardest part, and that's also easy with online documentation) and very self-reliant: no special provider to go out of business, no browser to block Java, and always encryped.

  16. Cryptoheaven by illogic · · Score: 1

    While they don't support PGP, I have used Cryptoheaven casually for over a year and have been fairly impressed. They have a Java client for Windows, Mac, and Linux that runs on your own computer, meaning that the Cryptoheaven servers don't ever see your private key (although they offer to store your key as a convenience option if you choose). It started out as a closed system, meaning only Cryptoheaven members could contact other members, but now they have some kind of internet email gateway for plaintext messages. Anyway, they offer secure email, chat, and storage, with free and 'premium' options. The only questionable aspect is their use of the Rijndael algorithm:

    "All services fully encrypted using the latest technology including an AES symmetric cipher Rijndael with 256 bit encryption keys, SHA-256 message digest function, and asymmetric encryption with keys of 2048-4096 bits in length."

    1. Re:Cryptoheaven by illogic · · Score: 1

      Oh, I forgot to mention their client is fully open source. Woo hoo!

    2. Re:Cryptoheaven by Anonymous Coward · · Score: 0

      I can tell you that I have also been very impressed with the CryptoHeaven service. They update the service all the time, so it only gets better.

      The client is Java based, so what I do is I put the client (along with java) on a USB keychain and use it that way. This allows me to use the service from any computer without having to install the software. I assume the same can be done with CDs.

      In any case, this is more then just secure email, they have an integrated service that allows for secure instant messaging and secure online storage... great for those documents that I always need but don't want to carry with me (for obvious reasons).

      Recently that have released business accounts that allow for hosting one's own domain and for creating user accounts without having to pay for each one... i'll have to try that and give access to some of my new internet friends!

  17. Hushmail doesn't work in Linux? by petard · · Score: 2
    It may be your setup... I've had no problems at all using hushmail under Linux. My setup:
    • Mozilla 1.0.1
    • Sun JDK 1.4.1_01
    • Red Hat 8.0
    It also worked with the same Mozilla and JRE under Red Hat 7.2. It did not work under Mac OS X, but I didn't have time to see what the problem was.
    --
    .sig: file not found
  18. www.ziplip.com by Nevermore-Spoon · · Score: 0

    I've been using http://www.ziplip.com for 2 years now. Slick free high security web based email. And thier uptime has been phenominal. Only once in my entire history of use had they been down, and that day they made a major revision to the site. 5 star service.

    --
    I have great faith in fools; My friends call it self-confidence. Edgar Allan Poe 1809-1845