Last week, I described here how U.S. investigators forced Hushmail, a leading provider of e-mail privacy solutions, to divulge copies of decrypted, "plain text" e-mail messages.
At the time, it appeared that only one form of the encryption Hushmail uses was compromised. But I've now learned that the company has developed techniques to eavesdrop on all users, albeit only in response to a valid court order.
A little background: in 1999, Hushmail, based in British Columbia, Canada, introduced a revolutionary service to make sending and receiving encrypted e-mail easier and faster. Hushmail allows users to send and receive encrypted e-mail messages through a Web-based interface similar to Yahoo! or Hotmail e-mail.
The original—and supposedly surveillance-proof—encryption "engine" works by sending your PC a Java "applet" that performs the encryption. Since the encryption occurs on your PC, Hushmail supposedly has no access to unencrypted messages. Indeed, Hushmail promoted this capability by stating:
… Not even a Hushmail employee with access to our servers can read your encrypted e-mail, since each message is uniquely encoded before it leaves your computer."
Loading a Java "applet" takes a few seconds and delays access to a Hushmail account. Some Hushmail users didn't want to wait. So, in 2006, Hushmail developed a service that didn't require the applet. In this service, encryption occurs in Hushmail's own servers, not in your PC. This introduced an obvious vulnerability, which Hushmail confirmed earlier this month. The company announced that in response to a Canadian court order, it had turned over 12 CDs worth of plain-text e-mail messages to U.S. investigators.
It now appears that Hushmail can send a "poisoned" applet to subscribers using the original, Java-based service. That applet sends the targeted user's passphrase back to Hushmail, thus giving investigators access to the "plain text" of all stored e-mails and any future e-mail sent or received. Again, this evidently occurs only after Hushmail receives a valid court order requiring it to turn over plain text messages from a targeted account.
According to Brian Smith, Hushmail's Chief Technology Officer, "The extra security given by the Java applet is not particularly relevant, in the practical sense, if an individual account is targeted."
Hushmail remains preferable to the alternative followed by 99.9% of e-mail users—sending unencrypted messages in "plain text." Reading these messages is remarkably simple. E-mail also has less legal protection than telephone calls, particularly with regard to messages stored in a Web based system.
However, if you're seeking stronger protection, encryption programs you install on your PC, such as PGP, are superior to Hushmail. PGP isn't immune to attacks (e.g., an investigator might plant "Trojan Horse" software to steal your encryption keys and passphrase), but, properly used, it offers an extremely high level of security.
Copyright © 2007 by Mark Nestmann, LL.M.
Comments