It appears that Hushmail isn’t quite as secure as it was initially thought to be.
Up to this point, it was thought that Hushmail was completely secure as messages were stored encrypted. Indeed, Hushmail used to boast that not even their engineers would be able to read users’ messages.
A Californian court has recently heard how the Drug Enforcement Agency (DEA) made a request – via a court order – to the Hushmail operating company to turn over emails of three Hushmail accounts. The company agreed and delivered 12 CDs full of emails. Encrypted emails.
So how did the DEA get access to the clear versions of the email?
There are two front ends to Hushmail: one where the message is encrypted at the client end using a Java client, and another that runs on the Hushmail servers via a secure SSL connection.
With the latter, the pass-phrase is temporarily stored on the server and it appears that the DEA gained an additional legal order to tap into this, thus enabling them to unlock the contents of the 12 CDs worth of email.
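The difference between the two front ends comes down to whether the pass-phrase ever reaches the server. The sketch below is an added example, not Hushmail's code: it assumes a simplified model in which a key derived from the pass-phrase seals each message directly, and `Server`, `seal`, `unseal` and the stand-in cipher are hypothetical names used only for illustration.

```python
import hashlib, hmac, os

def _keys(passphrase, salt):
    k = hashlib.pbkdf2_hmac("sha256", passphrase.encode(), salt, 100_000, dklen=64)
    return k[:32], k[32:]  # (encryption key, MAC key)

def _stream(key, nonce, data):
    # Stand-in cipher for the demo only: HMAC-SHA256 in counter mode, XORed with data.
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = hmac.new(key, nonce + i.to_bytes(8, "big"), hashlib.sha256).digest()
        out += bytes(b ^ p for b, p in zip(data[i:i + 32], pad))
    return bytes(out)

def seal(passphrase, plaintext):
    salt, nonce = os.urandom(16), os.urandom(16)
    ek, mk = _keys(passphrase, salt)
    ct = _stream(ek, nonce, plaintext)
    return salt + nonce + hmac.new(mk, nonce + ct, hashlib.sha256).digest() + ct

def unseal(passphrase, blob):
    salt, nonce, tag, ct = blob[:16], blob[16:32], blob[32:64], blob[64:]
    ek, mk = _keys(passphrase, salt)
    ok = hmac.compare_digest(tag, hmac.new(mk, nonce + ct, hashlib.sha256).digest())
    return _stream(ek, nonce, ct) if ok else None  # None: wrong pass-phrase or tampering

class Server:
    """Tracks what crosses the trust boundary into the provider."""
    def __init__(self):
        self.at_rest = []    # sealed mail on disk (what a court order can collect)
        self.in_memory = []  # secrets the server process has held, however briefly

    def store_sealed(self, blob):  # client-side mode: only ciphertext arrives
        self.at_rest.append(blob)

    def webmail_submit(self, passphrase, plaintext):  # server-side mode over SSL
        self.in_memory.append(passphrase)
        self.at_rest.append(seal(passphrase, plaintext))

    def readable_by_operator(self):
        """Stored messages that open with a pass-phrase the server has seen."""
        hits = (unseal(p, b) for b in self.at_rest for p in self.in_memory)
        return [m for m in hits if m is not None]

def demo():
    msg = b"constructed sample message"
    client_side, server_side = Server(), Server()
    client_side.store_sealed(seal("correct horse battery", msg))
    server_side.webmail_submit("correct horse battery", msg)
    return client_side.readable_by_operator(), server_side.readable_by_operator()
```

The model only tracks where the pass-phrase travels; it says nothing about whether the client-side code itself can be trusted.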
Wired, who have covered the story, carried out an interview with Hushmail’s CTO Brian Smith, who clarified Hushmail’s position: “[Hushmail] is useful for avoiding general Carnivore-type government surveillance, and protecting your data from hackers, but definitely not suitable for protecting your data if you are engaging in illegal activity that could result in a Canadian court order.”
They also praised Hushmail for being fully open about the situation, saying the company “deserves credit for its frank and open replies (.pdf). Such candor is hard to come by these days, especially since most ISPs won’t even tell you how long they hold onto your IP address or if they sell your web-surfing habits to the highest bidders.”
Where does that leave Hushmail?
This is a serious blow for the Hushmail service as it’s highly likely that the majority of its users assumed their emails were completely secure. While the use of the Java front end would avoid the cracking method used in this case, it’s not clear that even the Java method is without the possibility of being compromised.
It’s important to remember that the account that was opened was being used for illegal activity, so it was subject to special legal pressure – rules that wouldn’t be called in if you’re chatting to your fancy man/lady without your partner finding out.