Hushmail alternatives

[mojo_fit]

Anyone have a recommended alternative to hushmail?

[dhriscerr]

Lets not put this on the open forum because then Feds can figure out what other secure sites we might be using and tap into them also.

[mojo_fit]

Lol your right , bad thinkin on my part

[scaramouche]

[RuhlFreak55]

well if someone wants to PM me the popular choice i'd be appreciative

[ricker35910]

well if someone wants to PM me the popular choice i'd be appreciative

you have a pm

[TAPPER]

It’s called encrypting your own emails people!!!!!!!!!!!!!

ALL of the “services” out there retain specific data unique to you on their servers that is necessary to encrypt/decrypt your information. If they didn’t do this you would need to exchange keys with everyone you wanted to send an encrypted email to. If you had to do all that why would anyone use their “service”???? All they do is make the encryption process more covenant, but as we have seen with Hushmail this leaves you vulnerable if LE gets involved.

One more time for the people with that deer in the headlights look………

Using a different “service” to encrypt your emails is NOT going to protect you any better than Hushmail can.

[Second2None]

pm me

[RuhlFreak55]

It’s called encrypting your own emails people!!!!!!!!!!!!!

ALL of the “services” out there retain specific data unique to you on their servers that is necessary to encrypt/decrypt your information. If they didn’t do this you would need to exchange keys with everyone you wanted to send an encrypted email to. If you had to do all that why would anyone use their “service”???? All they do is make the encryption process more covenant, but as we have seen with Hushmail this leaves you vulnerable if LE gets involved.

One more time for the people with that deer in the headlights look………

Using a different “service” to encrypt your emails is NOT going to protect you any better than Hushmail can.

if both parties need a key how in hell would you communicate with your source???????? he wont have your key for the email..

[scaramouche]

what about if this 'service' were offshore and not subject to us laws

It’s called encrypting your own emails people!!!!!!!!!!!!!

ALL of the “services” out there retain specific data unique to you on their servers that is necessary to encrypt/decrypt your information. If they didn’t do this you would need to exchange keys with everyone you wanted to send an encrypted email to. If you had to do all that why would anyone use their “service”???? All they do is make the encryption process more covenant, but as we have seen with Hushmail this leaves you vulnerable if LE gets involved.

One more time for the people with that deer in the headlights look………

Using a different “service” to encrypt your emails is NOT going to protect you any better than Hushmail can.

[TAPPER]

Originally posted by: RuhlFreak55

if both parties need a key how in hell would you communicate with your source???????? he wont have your key for the email..

You need to exchange public keys beforehand. For instance, Source X might use one email provider for non-business discussions, PM or temp url link to transfer keys, and a separate email provider for encrypted business related discussions.

Granted, it can be a PITA to get people up and running but once in place it’s very simple to use. The upside is that it totally removes the vulnerability of using a third party to perform the encryption/decryption process. It also helps to insulate one customer’s communications from another in the event the email provider cooperates with LE.

For example; if Source X uses a service to encrypt/decrypt emails and it becomes compromised, theoretically LE could read every single communication that the source had stored/sent. All those customers are now vulnerable. On the other hand if the source/customers were to encrypt/decrypt their own emails and the email provider was compromised, all LE would get was encrypt emails. Without the key LE isn’t going to decrypt them so they would have to bust the source before those customers became exposed.

Originally posted by: scaramouche

what about if this 'service' were offshore and not subject to us laws

Talk to anyone in the drug community and 9 out of 10 will tell you an “offshore servers” doesn’t mean squat. Lots of people have been busted by underestimating the reach and influence of the US government. Although you might just be an end user your source might be involved in all sorts of illicit activities and as we have seen a source doesn’t have to be Pablo Escobar to grab the attention of the DEA.

US v Tyler Stumbo http://static.bakersfield.com/smedia...filiate.25.pdf
details the use of a Mutual Legal Assistance (MLAT) and Other Agreement with Canada to acquire the Hushmail account data. If you go here: http://travel.state.gov/law/info/jud...icial_690.html and scroll down there is a list of numerous countries that have MLAT agreements with the US.

IMO, the only countries that wouldn’t aid the US with access to this type of data would be the axis-of-evil, enemies of the state types. Now, if there was enough money in it for the countries involved maintaining “offshore” servers might fly, such as in the case of the Bahamas and their tax shelters, but access to some email accounts to bust a few people probably happens with only a phone call and then they fill in the legal doc’s if things pan out. (speculation)

[freakon]

as far as email that can be decrypted what about self destructing emails? they are supposed to selfdestruct after the email is viewed.i have several links to a few, although i have never used them it is good to know that i have that option

[TAPPER]

^^ I’m not very familiar with these but from what I have read that you are still relying on a service provider to delete the email from their servers after a predetermined amount of time has expired. This doesn’t prevent them from collaborating with LE and erased data can readily be recovered in many situations.