Is Hushmail Still Safe?

Originally published at
I have been talking to quite a few people about Hushmail and I have been getting mixed reviews. A question from a friend prompted me to further investigate if Hushmail is still safe. For a long time, Hushmail was considered a very secure email provider until an affidavit from a DEA agent in 2007 raised concerns.

Up until this affidavit was released, Hushmail users assumed that nobody, including Hushmail, could read their emails if they used the built-in encryption options. A number of articles sprang up criticising Hushmail for handing over 12 CDs of data to Canadian authorities. A lot of activists use Hushmail, so I think this article is particularly important for them.

According to Hushmail, they will comply with any court order that is valid in Canada. Because Hushmail is located in Canada, this is a reasonable thing to do. So how did the DEA get hold of these emails if they couldn't issue an order under a Canadian court? They did it using the Mutual Legal Assistance process. Under a Mutual Legal Assistance Treaty (MLAT), a court in, say, the United States can issue a court order, send it to a country with which it has an MLAT, and have it executed there. Some MLATs only cover things like narco-trafficking, while others cover all legal proceedings. According to the Organization of American States, Canada has MLATs with Antigua and Barbuda, Argentina, Barbados, Bolivia, Chile, Colombia, Ecuador, El Salvador, Guatemala, Haiti, Jamaica, Mexico, Nicaragua, Panama, Paraguay, Peru, The Bahamas, Trinidad and Tobago, the United States, and Uruguay. So if you are worried about the courts in any of those countries, many of which could probably be bought, moving your data to Canada won't make it much safer.

So we know that the data from these accounts was handed over to US authorities, but if it's encrypted then nobody, including Hushmail, should be able to see it, right? Unfortunately for you, Hushmail stores your private encryption keys and a hashed version of your password. With a court order, Hushmail could be obligated to turn over your private key and the hashed version of your password. Hushmail doesn't state what type of hashing algorithm they use for passphrases, but password hashes are extremely easy to crack. An average computer can crack a 10-character hash in about a day, and a law enforcement computer that's dedicated to doing it could probably do it in about a half-hour. The longer your password, the safer you'll be, but even with a really long password, it would still be crackable. If you are not using Hushmail's Java client, then your passphrase will be sent to Hushmail before it is hashed. A court could order them to intercept this data, or to modify the Java program to do their dirty work for them.
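To make the point concrete, here is an added example (my own illustration, not Hushmail's code and not a description of their actual storage format) of what a provider that keeps both a passphrase hash and a passphrase-wrapped private key actually protects. Everything in it is constructed: the guess list, the salt, the toy key wrap, and the PBKDF2 work factor are assumptions. It shows that once the stored hash and wrapped key are handed over, the private key is recoverable exactly when the passphrase is guessable, and that the only lever the provider controls is the cost per guess (an unsalted single hash versus a slow key derivation function).

```python
"""Constructed example: a provider stores a passphrase hash for login plus the
user's private key wrapped under a key derived from the same passphrase.
Whoever obtains both needs only to guess the passphrase."""
import hashlib
import secrets

PBKDF2_ITERATIONS = 100_000  # assumed work factor for the slow variant

# Constructed guess list standing in for a small dictionary; not real data.
WORDLIST = ["password", "letmein", "hushmail", "sunshine1", "qwerty"]


def fast_hash(passphrase: str) -> str:
    """Unsalted single SHA-1: one primitive hash invocation per guess."""
    return hashlib.sha1(passphrase.encode()).hexdigest()


def slow_hash(passphrase: str, salt: bytes) -> bytes:
    """PBKDF2-HMAC-SHA256: each guess costs PBKDF2_ITERATIONS invocations."""
    return hashlib.pbkdf2_hmac("sha256", passphrase.encode(), salt, PBKDF2_ITERATIONS)


def wrap_key(private_key: bytes, passphrase: str, salt: bytes) -> bytes:
    """Toy key wrap: XOR the key with a PBKDF2-derived pad of equal length.
    A real system would use an authenticated cipher; the point here is only
    that the wrapped key plus the passphrase yields the key."""
    pad = hashlib.pbkdf2_hmac("sha256", passphrase.encode(), b"wrap" + salt,
                              PBKDF2_ITERATIONS, dklen=len(private_key))
    return bytes(a ^ b for a, b in zip(private_key, pad))


unwrap_key = wrap_key  # XOR with the same pad is its own inverse


def guess_fast(target: str, wordlist):
    """Return (passphrase or None, number of SHA-1 invocations spent)."""
    work = 0
    for candidate in wordlist:
        work += 1
        if fast_hash(candidate) == target:
            return candidate, work
    return None, work


def guess_slow(target: bytes, salt: bytes, wordlist):
    """Same search against the PBKDF2 hash; work counts primitive invocations."""
    work = 0
    for candidate in wordlist:
        work += PBKDF2_ITERATIONS
        if slow_hash(candidate, salt) == target:
            return candidate, work
    return None, work


def demo(passphrase: str = "hushmail") -> dict:
    """Simulate what the provider stores, then what a holder of that data learns."""
    salt = b"constructed-salt"
    private_key = secrets.token_bytes(32)  # stands in for an OpenPGP secret key
    stored = {
        "pw_fast": fast_hash(passphrase),
        "pw_slow": slow_hash(passphrase, salt),
        "wrapped_key": wrap_key(private_key, passphrase, salt),
    }
    fast_pw, fast_work = guess_fast(stored["pw_fast"], WORDLIST)
    slow_pw, slow_work = guess_slow(stored["pw_slow"], salt, WORDLIST)
    recovered = unwrap_key(stored["wrapped_key"], fast_pw, salt) if fast_pw else None
    return {
        "fast_guess": fast_pw, "fast_work": fast_work,
        "slow_guess": slow_pw, "slow_work": slow_work,
        "key_recovered": recovered == private_key,
    }


if __name__ == "__main__":
    print(demo())
    print(demo("a long passphrase that is in no list"))
```

The slow variant finds the same passphrase, but at PBKDF2_ITERATIONS times the cost per guess; a passphrase absent from the guess list is not recovered by either, and the wrapped key then stays opaque. The lesson for the user is the one the post draws: when the provider holds the wrapped key, passphrase length and unpredictability are the whole defence.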

Update: The post on Cryptome has changed and it looks like the checksums do add up if you remove the debug data. Now we can be assured that there is no backdoor.

According to a post on Cryptome from August of 2008, Hushmail might have done just that. Hushmail provides copies of the source code for their Java program so that users can verify the security of the program. The jar file in the source release is not the same jar file that you receive from the Hushmail mail server when you use Hushmail. This could just be a mistake where the Hushmail developers forgot to upload the new version of the source code, but having that mistake posted on Cryptome should have caused it to be cleared up very quickly. What is possible (and in my opinion, more likely) is that there is some reason that the new source code was not posted.
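The update says the checksums match once the debug data is removed, which is exactly the kind of comparison a whole-file checksum cannot explain on its own. The added example below (my own code, not Hushmail's or Cryptome's) compares two jar files member by member, so that a mismatch can be attributed to an extra debug-only file rather than to a changed class. The two jars are constructed in memory; the member names, the `debug/` prefix and the class contents are assumptions for the demonstration.

```python
"""Constructed example: compare a published source-release jar against the jar
actually served, member by member, so that a whole-file checksum mismatch can
be attributed to specific entries."""
import hashlib
import io
import zipfile


def entry_digests(jar_bytes: bytes) -> dict:
    """Map each file member of a jar (a zip archive) to the SHA-256 of its contents."""
    digests = {}
    with zipfile.ZipFile(io.BytesIO(jar_bytes)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            digests[info.filename] = hashlib.sha256(zf.read(info)).hexdigest()
    return digests


def compare_jars(published_jar: bytes, served_jar: bytes, ignore_prefixes=()) -> dict:
    """Report members only in one jar, members whose contents differ, and whether
    the two are identical after dropping members under any ignored prefix."""
    def keep(name):
        return not any(name.startswith(p) for p in ignore_prefixes)
    a = {k: v for k, v in entry_digests(published_jar).items() if keep(k)}
    b = {k: v for k, v in entry_digests(served_jar).items() if keep(k)}
    shared = set(a) & set(b)
    return {
        "only_in_published": sorted(set(a) - set(b)),
        "only_in_served": sorted(set(b) - set(a)),
        "changed": sorted(k for k in shared if a[k] != b[k]),
        "identical": set(a) == set(b) and all(a[k] == b[k] for k in shared),
    }


def build_jar(members: dict) -> bytes:
    """Build a constructed jar in memory from {member name: bytes}."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        for name, data in members.items():
            zf.writestr(name, data)
    return buf.getvalue()


# Constructed stand-ins (not real Hushmail artifacts): the source-release jar,
# a served jar that only adds a debug file, and a served jar whose class changed.
CLASS_V1 = b"\xca\xfe\xba\xbe-encrypt-v1"
MANIFEST = b"Manifest-Version: 1.0\n"
PUBLISHED = build_jar({"com/example/Encrypt.class": CLASS_V1,
                       "META-INF/MANIFEST.MF": MANIFEST})
SERVED_WITH_DEBUG = build_jar({"com/example/Encrypt.class": CLASS_V1,
                               "META-INF/MANIFEST.MF": MANIFEST,
                               "debug/trace.log": b"debug build info\n"})
SERVED_MODIFIED = build_jar({"com/example/Encrypt.class": b"\xca\xfe\xba\xbe-encrypt-v2",
                             "META-INF/MANIFEST.MF": MANIFEST,
                             "debug/trace.log": b"debug build info\n"})


if __name__ == "__main__":
    print(compare_jars(PUBLISHED, SERVED_WITH_DEBUG))
    print(compare_jars(PUBLISHED, SERVED_WITH_DEBUG, ignore_prefixes=("debug/",)))
    print(compare_jars(PUBLISHED, SERVED_MODIFIED, ignore_prefixes=("debug/",)))
```

Whole-file hashes of the first two jars differ, yet every member they share is identical and the difference is the one debug file; the third jar is caught because a class changed. Note what this does not establish: agreement between two compiled jars says nothing about whether either was built from the published source, which would need a reproducible build from that source.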

It should be noted that Hushmail has been incredibly open about their security procedures and about where users face risks. They provide users with a full run-down of how their data is handled and how the encryption process occurs. This is a huge leap from most other email providers, who won't tell you anything. If it is true that Hushmail has backdoored their encryption program, this is incredibly sad, but we have seen other applications go this direction, and the state doesn't like the idea of people being able to do things in secret.

Even with all the evidence mounting against Hushmail, they still offer more security and transparency than most online email hosts. If you use a program such as Thunderbird bundled with Enigmail, or a regular PGP encryption tool such as GnuPG (Windows users go here), with your *own* private key, then you don't have to worry too much about Hushmail giving you up. At the worst, your adversaries will have a bunch of worthless jumbled text. You should disable things like Java when you're browsing anyway because of how Java applets can violate your privacy. I suggest NoScript for getting the job done. For the average user, Hushmail still beats services like Gmail and Yahoo Mail hands down, even if their encryption system is backdoored.


It's all incredibly confusing, isn't it?
The lengths that people go to to get what they want....