Hushmail in U.S. v. Tyler Stumbo

John Levine johnl at
Thu Nov 1 18:57:51 EDT 2007

>I'm sorry, but that's a slur. Hushmail is not a scam. They do a very  
>good job of explaining what they do, what they cannot do, and against  
>which threats they protect.

Have you looked at Hushmail lately?  Before I sent that note, I signed
up for an account and sent myself a few messages to be sure I
understood what happens.  They really did generate a PGP key for me
when I signed up.  At least I think they did, the Java thingie that
was supposed to let me download a copy of the key didn't work, but the
mail arrived with a reasonable looking PGP signature.  It also let me
upload my public key for my regular address so Hushmail users can send
me PGP mail.

If you want Web mail that does PGP inbound and outbound, they do a
perfectly fine job, but I suspect that interception in transit isn't
the threat that most users are worried about.

As far as explaining what they do, here's a typical piece of blurbage
snipped from Hushmail's web site.

  By contrast, Hushmail keeps your online communications private and
  secure. Not even a Hushmail employee with access to our servers can
  read your encrypted email, since each message is uniquely encoded
  before it leaves your computer.

In fact they sent and received my mail through an https web site so
although it is encoded in transit (https from me to them, PGP from
them to the other end), it's in the clear at their end.

>You also mischaracterize the Hushmail system. The "classic" Hushmail  
>does not generate the keys

That may well be true, but that's not what I got when I signed up last
night.  Take a look, sign up for one of their free accounts, and see
if you agree with my description of what it does.


The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at
