
Hushmail Backdoors - iand
http://themonetaryfuture.blogspot.co.uk/2009/05/pgp-creator-bolts-to-hush.html?showComment=1309018784191#c7610754517237372617
======
Spooky23
Hushmail was always a strange operation to me anyway. If you need data at rest
encrypted, why trust a third party with the keys? If you need anonymity, why
would you want a key identifying your unique persona?

~~~
TheCondor
You could say that about a lot of cloud based products... Think of the
information in gmail or salesforce.com. The value those tools provide and the
flexibility vs the risk of them improperly using your data and the cost of
running them yourself (likely running them improperly too.). That's the cloud.

What is more interesting is what the EULA said about this sort of thing and if
they hand data over without notification to the owner. I suspect that they
did.

~~~
eli
No, it's different. Hushmail is specifically a _security_ product so it's a
much bigger deal that it is inherently less secure than the alternatives.

~~~
Nelson69
What alternatives? How is it any less secure than another mail host?

~~~
Spooky23
The whole point of Hushmail is that you can use PGP/GPG style mail encryption
via a webmail interface. You could also do this anonymously. They claimed that
it was secure because the PGP stuff was done via a Java applet. It turns out
that

If you have a use case for using content signing and encryption, using a
closed-source Java or other web applet is a pretty weird way to address it.

------
kmfrk
The team behind outlook.com says thanks. :P

Now it's time to put pressure on Microsoft to implement two-factor
authentication and native PGP support.

------
Zenst
WOW, makes you wonder. Digitaly signed and hashed javascript verification
certianly has a market it seems.

~~~
eli
Uh, I guess. Why bother using javascript at all if you need some non-
javascript tool to verify it everytime you use it? Might as well just use GPG
along with any existing mail service.

~~~
stinkytaco
One thought is that you can get PGP functionality from a portable service. If
you brought the javascript with you on a USB drive, you could use it from
computers that were not your own.

Of course you could also install Thunderbird portable on your USB drive and
implement your suggestion as well.

~~~
molo
Why would you ever put your private key within reach of a computer that is not
your own?

~~~
stinkytaco
Travel, work, government exile in hiding.

Lots of reasons. If encryption is ever to become widespread, it needs to
accomodate the myriad of situations that users might need
computing/communication in. Which is a lot.

~~~
ajdecon
I've seen this implemented (in a very special case) with statically-linked GPG
on a USB drive and a Crypto Stick[1]. Better than JavaScript (because you
don't need to rely on an untrustworthy interpreter), and the keys never leave
the smart card. The big limitation is that you need admin access to the system
if you need to install drivers for the smart card.

[1] <http://www.crypto-stick.com/>

