ME on Tue, 19 Oct 1999 19:53:01 +0200 (CEST)


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

<nettime> Fw:Hushmail - a net woven by the fish themselves? + more issues from Loz


>
>Original message from <savage@easynet.co.uk>, forwarded by Cornerstone:
>
>Hi
>
>If you value your freedom, only use hushmail for fun; don't say anything
>you wouldn't say to a cop.
>
>hushmail.com is claiming to provide strong encryption on email via a
>web-based interface.  You can only send encrypted mail to other hushmail
>account holders, so people will obviously encourage their mates to join.
>A very clever net--woven by the fish themselves?
>
>Show me your friends...
>
>Anyway I checked who is hosting the service . It was registered by
>radiant.net who, on their home page, claim that hushmail is just a
>client of theirs. Maybe, but then who owns the company? Safemail enjoys
>a big link on the homepage, while lesser bodies such as Maxim Chemicals
>are relegated to a list on another page. The other clients of
>radiant.net are very interesting. It is a 'British' Columbia internet
>provider exclusively for the 'corporate community'. Bear in mind the
>recent history of BC re environmentalists particularly.
>
>>From their 'about us' page:
>
>"The corporate client needs a higher level of service and attention to
>detail that is just not available from providers dealing with tens of
>thousands of residential users. This dedication to the corporate
>community is exactly the emphasis at Radiant and why Vancouver's
>businesses are migrating to
>Radiant Communications."
>
>Good buddies include:
>
>B.C. Construction Association
>New Westminster Police
>Curlew Lake Resources Inc
>D'N'A Military Import & Supply Inc
>Georgia Pacific Securities Corporation
>Hyatt Industries
>Kerrisdale Lumber
>Maxim Chemicals
>Mineral Development Group
>Pacific Metals Ltd.
>Rubicon Minerals Corporation
>Vancouver Condominium Services
>
>and yes, the western canada wilderness comittee is in there too, but to
>me that is no less corporate.
>
>Well, call me paranoid if you like but it seems to me that it would be
>very easy for a bunch of good buddy loggers and miners to get together
>with the NW police and their extremely wealthy local internet experts
>(not to mention the local redneck militia supplier) to provide this nice easy
>crypto-mail service and erm... help out all the activists they love so much.
>
>Peer Review
>
>A prerequisite for any encryption algorythm to be taken seriously is
>that the source code be available for scrutiny by other cryptographic
>experts. This is the only way ordinary folks can assure themselves that
>the thing they use is actually secure. If many experts over a period of
>years have been unable to mount aq sucessful attack on the encryption,
>then there is a good chance that it is ok. There is too much to go into
>here, but although hushmail's stuff is publicly available, I haven't
>found much peer review (lots of advertising of course).
>
>A good summary of some of the cons is at:
>
>http://www.counterpane.com/crypto-gram-9908.html#Web-BasedEncryptedE-Mail
>
>People I have corresponded with who are in the business of strong
>encryption have confirmed my hunches. Anyone who knows anything about
>security wouldn't touch this with someone else's computer, methinks. But
>that's not who they are after, obviously. People need to be warned and
>we need to find out more. It could well be bona fide, or at least
>well-intentioned, but there is not enough information provided to know
>that.  As this can possibly be a matter of being imprisoned for some
>people, I think warnings should be prepared and circulated, unless
>someone with more knowledge than me can show it is as secure as pgp.
>
>Any help appreciated. If you think this will do as a warning then feel
>free to forward it to people you care about.
>
>Andy
>
>PS: Nearly forgot;
>http://www.radiant.net/
>~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>[Merits of www.hushmail.com/ snipped]
>
>hmmm... A "secure encrypted email service" based on the Web.  By a
>company that can't code HTML properly (The links in their FAQ are
>mostly broken due to a simple oversight) - thats just the basics,
>how much room is there to screw up something that matters ?
>
>No, it doesn't give me much confidence, which is a shame coz its
>a great idea.
>
>regards
> - Loz.
>
>loz@bosh.org
Sender: owner-nettime-l@bbs.thing.net
Precedence: bulk

"There are no limits to creativity . There is no end to subversion."
Raoul Vaneigem - The Revolution of Everyday Life.


#  distributed via <nettime>: no commercial use without permission
#  <nettime> is a moderated mailing list for net criticism,
#  collaborative text filtering and cultural politics of the nets
#  more info: majordomo@bbs.thing.net and "info nettime-l" in the msg body
#  archive: http://www.nettime.org contact: nettime@bbs.thing.net