Hushmail Can Read Your Encrypted Mail

Discussion in 'privacy technology' started by Jim Verard, Nov 8, 2007.

Thread Status:
Not open for further replies.
  1. Jim Verard

    Jim Verard Registered Member

    Joined:
    Jun 5, 2007
    Posts:
    205
    Read the whole Wired article/story here
    Source: - Steve Topletz - Portable Privacy blog
     
    Last edited by a moderator: Nov 8, 2007
  2. LockBox

    LockBox Registered Member

    Joined:
    Nov 20, 2004
    Posts:
    2,275
    Location:
    Here, There and Everywhere
    Not U.S. agents, but Canadian (at least not diirectly).

    Still, I cancelled my HushMail account yesterday. Inexcusable.
     
  3. Jim Verard

    Jim Verard Registered Member

    Joined:
    Jun 5, 2007
    Posts:
    205
    I never heard of such email provider before, but one thing I know for sure.

    There's no such service who are committed with anyone's privacy out there.

    Most of these services have bad privacy policies, which states that they are perfectly ready to disclose your informations if required by government authorities, by any applicable law (which one? there are good and bad laws out there...) and to defend their own property, and in case of any "violations of rights" of any third (and interested) parties.

    Someday I even found a TOS which states "we will disclose your data in order to defend our property, dignity and innocence or to enforce these terms". Good lord. :rolleyes:

    I find all of those privacy policies very disgusting. Email providers may sell us out in exchange of a nickel, using surveillance practices, data retention, fishing expedition, whatever. How I loathe these people! A bunch of bastards and traitors who deserves nothing less than burn in hell.

    Even if some company is required by laws of their country, the most logical situation should not place these warnings on any terms of service, or privacy policy. If I was the owner of a email provider, my privacy policy should be exactly like this:

    - We don't log, we don't monitor what users do;

    - We destroy every possible logs who might identify any users and their activities after 30 days;

    - Users can remove their own accounts, and any data related to them is destroyed for good;


    That's it. No traces of any information about how the company complies with authorities, and even if they are required by some jurisdiction, no data will ever be found. Ever.

    They might even remove every information regarding their policy, and work the same way. To be less specific, they can explain how they protect everyone's privacy, and not mention how they proceed to such claims.

    Xerobank's way of dealing with such requests (see this explanation) may be followed as well.
     
    Last edited: Nov 10, 2007
  4. Dogbiscuit

    Dogbiscuit Guest

    :blink: :blink: :blink:

    I suppose the rule of law is overrated. ;)
     
    Last edited by a moderator: Nov 10, 2007
Loading...
Thread Status:
Not open for further replies.