http://www.dslreports.com/shownews/Hushmail-Privacy-Limits-Revealed-89283

 

Hushmail Privacy Limits Revealed
Significant difference in java, non-java versions
01:20PM Friday Nov 09 2007 by Karl

***Begin Quote***

Hushmail offers encrypted e-mail services for the paranoid and/or privacy conscious. The company uses cryptographic and encryption protocols OpenPGP and AES 256 to scramble the contents of messages stored on their servers. According to the company, “not even a Hushmail employee with access to our servers can read your encrypted e-mail, since each message is uniquely encoded before it leaves your computer.”

However, Wired News’s threat level blog notes that this protection only goes so far. The blog notes that one version of the company’s platform contains a loophole that allows law enforcement to request un-encrypted messages en masse, defeating the purpose for some of the service’s regular clientelle:
A September court document (.pdf) from a federal prosecution of alleged steroid dealers reveals the Canadian company turned over 12 CDs worth of e-mails from three Hushmail accounts, following a court order obtained through a mutual assistance treaty between the U.S. and Canada.

***End Quote***

Don’t bet your freedom on anything you don’t control.

# # # # #