Secure, Web-based E-mail 76
Cal Godot writes "I've come across this interesting company, HUSMAIL.COM, that provides secure, encrypted, web-based email. They're pretty new, still working out a few kinks, and want people to take a look. (Bug reports should be sent to bugs@hushmail.com, by the way.) The URL is
https://www.hushmail.com
The whole thing works via a Java applet, and requires the latest-greatest web browsers. Source code is also
availible. It's all built around public/private key encryption, using a 1024-bit Diffie-Helman scheme. "
Legal Policy questions about HushMail unanswered. (Score:1)
policy concerning Subpenas and/or Court Ordered
searches. Are they under US juristiction?
For me (I'm no criminal) the ultimate test
of Anonymity and Security would be the systems
ability to deflect a full fledged FBI investigation.
Nothing can beat a chain of CypherPunks remailers
located in a series of Foreign Countries.
Are chains of Anonymous Remailers still available?
How can I decouple my ISP assigned IP address
from my personal identity? I suppose a Free
ISP service accessible from a pay telephone
might work. Any other ideas?
Secure? Not enough for me! (Score:1)
Unless you don't mind the NSA, FBI, CIA, SIS(UK), SIS(PT), etc, etc smooping through your data.
Re:Vunerabilities (Score:1)
Re:Where's the difference??? (Score:1)
Firstly, the difference is that "brute force attack" and "dictionary attack" are commonly used terms. You could also call your HD space "memory", and it's conceptually (partly) correct, but it's technically wrong.
The important difference is that the list of "words" is not "short" as far as a decent computer is concerned, but the set of possible combinations is.
i will help you out a little, there is no real difference! just because the deffinition of elements is different dosent make the method of attack any different.
The method of attack is similar, but the level of effectiveness is somewhat different. If I have your /etc/passwd file containing weak passwords, I can crack them with a dictionary attack. OTOH, to crack them with a brute force attack would require a supercomputer.
-- Donovan
Here's the difference (Score:2)
A brute force attack is when you attempt to exhaust the entire solution space. Example: If you were to brute force a typical 4 digit PIN, you would try 0000, 0001, 0002, ..., 9998, 9999 since you know it HAS to be one of those 10,000 possibilities.
A dictionary attack is when you take a long list of common words and check if any of them works as the password.
Yes, they are still around (Score:3)
Oh my, yes! Go here for lots of up-to-the-minute stats:
http://anon.efga.org/~rlist/ [efga.org]
(As an aside, it really irritates me when people think remailers don't exit anymore because anon.penet.fi went away a long time ago.)
Re:SMAIL.ORG (Score:1)
Hmm.. neither of those sites appear to be working.
-= NJV =-
Vunerabilities (Score:4)
For me, I don't care about the security of my email, just that I can get it 24/7 and quickly (which is why I dumped hotmail for joymail [joymail.com]). I honestly don't think that many people will care enough to use Java for their email. Especially not considering how slow it is. Still, I might just create an account, just for a laugh...
Matt.
perl -e 'print scalar reverse q(\)-:
Diffie-Hellman insecure (Score:2)
Short story is that the DH encryption problem really isn't the same as the knapsack problem--some unimportant simplifications turned out to be important.
Re: Another Bait and Switch Like USA.NET/Netaddres (Score:1)
In other words, you both are correct.
Re:Looks sketchy (Score:1)
Now, if they were at aol.com, I'd be nervous.
Re:JAPH.... (Score:1)
Uhhm... shouldn't that be:
"perl -e 'print scalar reverse q(\)-:
(Note the *last* "\")
Re:Hummm..... (Score:1)
Hummm..... (Score:5)
BTW, what are the chances of
Re: Another Bait and Switch Like USA.NET/Netaddres (Score:1)
yahoo most certainly does have pop access and i believe hotmail does as well.
"The lie, Mr. Mulder, is most convincingly hidden between two truths."
What about ITAR? (Score:1)
Another Bait and Switch Like USA.NET/Netaddress? (Score:1)
Those bastards lured me in with free Pop access and email forwarding and then switched to 'offering' every little option at a dollar a month each. They stayed free long enough to let people become reasonably dependent upon them, and then made their move.
Lesson learned, I reckon.
These guys could do the same. "Look!" "We're free! We're secure! We have no heads!"
Whatever they do is just a bit of flash to get you to click on their banner ads, intentionally or otherwise. Inevitably, they will look into more annoying ways to get you to click on even more banner ads, making sure it takes a good long time for you to read even a single message so their sponsors know you're soaking in all that advertising.
I understand and sympathize with the motivation for this, but have no interest in taking part in their little business.
They are providing source (Score:3)
How can it be proved that the HushMail system is actually secure?
Simply put, the most important aspect of any computer security system is the ability for lots people to test it as well as possible. The Java Source Code of HushMail is available to everyone, free. Security experts worldwide have the unrestricted ability to try and find any security holes. We are completely open to this form of peer review, as we believe this makes for the strongest systems available today. Our source code is open to you. Please view it at your leisure. It can be found at http://www.cypherpunks.ai/~hush/hush-src.102.zip. In addition, a description of the functionality of the system is available here.
I have at least one reason I would use something like this: If I want an anonymous account that can't be traced back to me in case I don't want my job or people I know knowing it's me. This is an easy way of doing it without needing an anonymous remailer.
For anyone who requires Web-based email (Score:3)
Not everyone has a local system to install PGP onto.
Who's this for? The same crowd that uses Yahoo mail, hotmail, etc. Joke all you want, but there are legitimate uses. Notably, for people who can't afford to own a computer and must do all online activity through browsers at libraries, schools, cafes, etc. You'd be surprised how many homeless people have an active online presence.
Granted, they'll never be secure as long as they trust this third party to handle their encryption. But it's a couple steps better than unencrypted Web-based email.
I'm really glad this is happening. With luck, all the other Web-based email services will add encryption too, at least in the mail that gets sent out. The sooner we have a critical mass of the email world using encryption, the sooner it will be considered standard.
Looks sketchy (Score:3)
Domain Name: HUSHMAIL.COM
Administrative Contact:
Hush Communications, Admin acct. (HC507-ORG) hushadmn@HOTMAIL.COM
(512)-441-0205
Fax- (512)-441-8052
Technical Contact, Zone Contact:
Hush Communications, Tech acct. (HC508-ORG) hushtech@YAHOO.COM
(512)-441-0205
Fax- (512)-441-8052
Billing Contact:
Hush Communications, Admin acct. (HC507-ORG) hushadmn@HOTMAIL.COM
(512)-441-0205
Fax- (512)-441-8052
Note the Hotmail and Yahoo accounts listed.
Good to see (Score:1)
*static* *number* of -'s, and I don't see where they limit the size of the message to that size...
Just as an example.)
But still, I see this as a big step up from, say, hotmail. No passwords being sent in the clear
accross the net... (is that the case for hotmail? I'm not sure - never used it.
Maybe someone'll become ambitious and work in some cryptix code so you *could* send encrypted mail to
non-hush users...
Of course, I tried to create an account twice and isn't working. Not that I have use for such an
account.
Trust problems (Score:1)
2. Outside attacker hacks Hushmail, gets your encrypted private key, runs dictionary attack. You're being asked to trust Hushmail to prevent this.
3. You access Hushmail from some public machine, and the machine you're on pulls your decrypted private key right out of the Hushmail applet.
Re:Secure? Not enough for me! (Score:1)
AtW,
http://www.investigatio.com [investigatio.com]
Re:real security experts? (Score:1)
There is an enormous difference between trying all possible combinations, and trying a few selected combinations.
you must also have a very long list of all the different types of brute-force attacks that aren't really brute-force attacks because they use different types of elements.
Any attack that uses a selected set of elements ( eg "words" ) is a dictionary attack. A "dictionary attack" needn't just use a standard english dictionary, it is a list of intelligent guesses at user passwords. ( for example, slang words, obscenties , phrases, etc must be included for it to be effective )
On the other hand, a brute force attack is distinct in that it uses all possible combinations.
Re:ha ha ! (Score:1)
Big fat hairy deal (Score:1)
Re: Another Bait and Switch Like USA.NET/Netaddres (Score:1)
(~/html/newearth/newearth/src)-- telnet mta-x1.yahoomail.com pop3
Trying 205.180.60.117...
telnet: connect to address 205.180.60.117: Connection refused
telnet: connect to address 205.180.60.58: Connection refused
telnet: connect to address 205.180.60.224: Connection refused
telnet: connect to address 205.180.60.30: Connection refused
telnet: connect to address 205.180.60.116: Connection refused
telnet: connect to address 205.180.60.125: Connection refused
telnet: connect to address 205.180.60.83: Connection refused
telnet: Unable to connect to remote host: Connection refused
(azul@azul)-(60/ttyp2)-(05/14/99:01:43pm)--
(~/html/newearth/newearth/src)-- telnet pop3.yahoo.com pop3
pop3.yahoo.com: Unknown host
(azul@azul)-(61/ttyp2)-(05/14/99:01:44pm)--
(~/html/newearth/newearth/src)-- telnet mail.yahoo.com pop3
Trying 205.180.60.98...
telnet: connect to address 205.180.60.98: Connection refused
telnet: connect to address 205.180.60.97: Connection refused
telnet: Unable to connect to remote host: Connection refused
(azul@azul)-(62/ttyp2)-(05/14/99:01:44pm)--
(~/html/newearth/newearth/src)--
What's their POP3 server?
Alejo.
Re:real security experts? (Score:1)
In dictionary attacks you usually take a few thousand words and then check them against every account in the server, hoping a small number of accounts will have its password set to any of those common words.
In brute-force attacks, you typically try every possible combination of characters against only one account.
Dictionary attacks are usually more useful to get some random accounts in a system, while brute-force attacks are typically used to get the password of one specific account (ie. root).
Lets imagine you know all passwords are 8 characters long. With brute force attacks you usually make around (128 characters - 32 control codes) ^ 8 digits = 7.213.895.789.838.336 attempts (okay, usually less characters... but still). In dictionary attacks you usually try 10.000 passwords * 1000 accounts = 10.000.000 attempts.
Dictionary attacks usually get you more accounts in less time, but usually not the ones you want (unless the sysadmin is stupid).
I have no idea of how PGP *really* works, but I suppose that no one would ever use dictionary based attacks to decrypt PGP encrypted messages, since the private key is not a simple word. In this case you have to do brute-force with no optimization.
In theory both methods are the same, dictionary means you just try highly used passwords, but they have their differences in practice.
Alejo.
Re:What's the difference (Score:1)
Re:Java - no thank you. (Score:2)
Hushmail and FBI(etc)-oppressed nations (Score:1)
No legalese, but they did in fact seem to address this in their FAQ (even while making no specific committments.)
From Hushmail's FAQ:
Your reference to the FBI implies you are in the United States. The years I spent in that country certainly show it to be an "oppressed nation," (and becoming more so with the passage of time.)
I agree, chained remailers are the best solution (and yes, of course they are still available.)
Re: free ISP/pay telephones: Public access terminals such as libraries may be a lower-tech solution, especially if the site doesn't log identities with time of use. It still ties the message to a geographic location of course though, but offers the advantage of being a method accessible to greater numbers of users. After all, if "everyone" used anonymous/secure mailing on a routine basis, it would stand out less and would result in a more spook-unfriendly solution, which seems to be your desire. Two ends would be acheived, one, the volume the spooks would need to process (thereby increasing their budgets to the point of accountability,) and two, the "mindshare" in the general populus.
All in all, while Hushmail may be far from a perfect solution, I am glad to see the trend toward increased awareness of privacy issues which it represents. Now what we need to do is educate the masses about the concept that weak privacy is worse than none at all (similar to the argument presented in PGP's docs in early versions.)
BTW, I have not yet examined the source code for Hushmail (but also don't have an account there so can be "forgiven." :) )
Have others here yet? Is it secure?
(Brute force v. dictionary)&(Basic password se (Score:1)
The difference. Pay attention this time [slashdot.org]
And if that doesn't work, paste the following into your browser heheh.http://slashdot.org/comments.pl?sid=99/05/14/125 2215&pid=488#803
(Perhaps I shouldn't attempt to educate ignorant AC's in the future? Nah, that's no solution.)
Re:Secure? Not enough for me! (Score:1)
Unless the source is open, you've inspected it and trust it, and ...
... you somehow know they're using the source you have inspected. I'm not sure how to ensure the last part though.
(BTW, these people don't appear to be *selling* anything other than advertising.)
The difference, in one word (Score:1)
TIME.
Since you're an AC, you wouldn't be filtering out AC comments, so I'll not include a pointer to my other replies. A password buys time, nothing more. If that time is sufficient, it is acceptable.
Re:ZipLip.com doing the same thing (Score:1)
The difference. Pay attention this time (Score:2)
Example time. You have a password, say it's 8 characters long. For the sake of simplicity-of-example, let's say all characters must be alphabetic and upper-case. (Obviously, this is a very insecure system, but it's only for example.)
Let's say you are lame, and choose P-A-S-S-W-O-R-D.
If a cracker attempts to break your password by manually trying each word in a dictionary, this could take a long time, but would certainly succeed. If the same cracker automates the process by trying each word in a text file such as /usr/dict/words, it would take a lot less time, and also be certain to succeed.
The above is known as a "dictionary attack" for obvious reasons. BTW, the more effective variations include subverting such common lame attempts to "improve" ths security of a password by changing letters to numbers (password -> passw0rd) by including these variants in the text file (or a tiny algorithm) so don't rely upon such.
Let's say you instead chose N-X-B-Q-R-K-Y-V as your password.
A dictionary attack would not succeed against such a password. Not only is N-X-B-Q-R-K-Y-V not to be found in Merriam-Webster, but it is not contained in any of the enhanced lists of "words" that are available for password cracking.
Can a cracker defeat such a password? Certainly. Manually, it would require a ridiculous amount of typing (or phenomenal luck.) But how about an automated solution?
It is trivial to write a routine to test A-A-A-A-A-A-A-A, then A-A-A-A-A-A-A-B, then A-A-A-A-A-A-A-C, and so on (which is known as a "brute force" attack, btw.) Writing the routine isn't the issue, running it is. The security of a password is based solely upon *how*long* it takes an attacker to guess it, right?
A brute force attack, by definition, will always succeed, if carried out to completion, since, by definition, it tests every possible combination of characters. A dictionary attack will only succeed against "common" passwords (such as those containing only "words" (or variants) and their combinations (such as TASTY-BUG.)) The advantage of a dictionary attack over a brute force attack is that it takes a lot less time to run, and is likely to be successful much sooner, since most people, sadly enough, are either lazy or uneducated or perhaps both, and choose very insecure passwords/passphrases.
Now, let's leave the world of this example, and enter the world of more security. Passwords would not be limited to just A through Z. We could add 0 through 9. Each additional possible character would increase the number of potential passwords exponentially, since each of the eight positions could now contain that character. We could then remove the case sensitivity requirement and add a through z. We could then add a number of "special characters." To add each of these to the above brute force routine would also be trivial, taking well under a minute. To actually run that routine through to completion however would become more and more time-consuming, to the point of being "unattainable" using (ahem) "today's technology" (especially if we removed the eight-character restriction.) For more on this principle, consult a math text book regarding "permutations." :-)
Password "security" == Estimated-time-to-crack-it. A "good" password will protect longer than the data inside needs protection. "Foever" requires more than just a password/passphrase.
Re:Anonymity and encryption are different (Score:1)
Re:What about ITAR? (Score:1)
Re:What about ITAR? (Score:1)
"if you wish to contact us, please send email to info@hushcom.com. We may also be reached at our marketing headquarters in Austin, Texas, at (512)-472-4630, or via FAX at (512)-472-4631. To reach our other offices, email to the above address will be routed accordingly, or alternately you may FAX us at (264)-497-2177 (Anguilla, BWI office) or (604)-608-0999 (Vancouver, Canada office). "
Java - no thank you. (Score:2)
btw check what they say about passphrases: Note that the passphrase in our example is not a common phrase, such as a quote, a song lyric, or a general exclamation that could be compromised via hacker "brute-force" attacks.
Just lost my faith in these guys, real security experts should know the difference between brute-force and dictionary attacks.
Re:JAPH.... (Score:1)
----------
SMAIL.ORG (Score:1)
who's this for, again? (Score:4)
i'm sure the java solution performs the encryption locally and never sends anything plaintext to the hushmail server (otherwise what would be the point) but it seems to be more hassle than it's worth.
i'm not saying this isn't useful; i'm just curious as to exactly what demographic they're aiming at. people who are already anal about their privacy will know how to do their own secure email; and people who don't go crazy about privacy and/or don't know how to use PGP will probably just go and use a more straightforward webmail service.
Standards (Score:2)
Jason Dufair
"Those who know don't have the words to tell
ZipLip.com doing the same thing (Score:1)
Todd
Not really a secure e-mail... (Score:4)
PGP all the way!
Re:So what... (Score:1)
Sure their email may be secure vs a basic dictionary attack. But they're using "brute force" cause it's a buzz word, without even understanding what the phrase means. In any case, as has been pointed out, their intended audience won't know/care about the difference.
-Michael
JAPH.... (Score:1)
Is their a better way?
(of taking a string, reversing the space seperated fields, as opposed to reversing the fields themselves?)
perl -e 'print scalar reverse q(\)-:
tsuJ rehtona lreP rekcah,
Which may actually be the intended result. The one I listed yields:
Just another Perl hacker,
Given the input string as he had it. Is their an easy way to get the result I got? (note I modified the input string a little...)
Looking for short 1-liners here.
-Michael
Re:Hummm..... (Score:1)
> people's income?
Probably because they want to make their living
by selling advertising -- they can get better
rates with demographic information that lets the
advertisers know their target audience.
I haven't read their privacy policy yet, but most
sites that ask for this information expicitly
state that it is only used for statistical
pruposes (aggregate information).
Anonymity and encryption are different (Score:3)
Until recently the simple way to be anonymous was to set up a hotmail account through www.anonymizer.com and access it only through the anonymizer. Unfortunately, this is broken now, although I'm sure it's easy to find a free e-mail service that works through the anonymizer.
If you are interested in practical anonymity, check out www.zeroknowledge.com. Of course, there is a bunch of other resources on the net.
Kaa
Re:What about ITAR? (Score:1)
The source is on cypherpunks.ai which is located in Anguilla (small island in the Carribean).
Security issues (Score:1)
I contacted them and they confirmed that these issues are known and that they are working on a new version.
Re: Another Bait and Switch Like USA.NET/Netaddres (Score:1)
Re: Another Bait and Switch Like USA.NET/Netaddres (Score:1)
Re:Hummm..... (Score:1)
Having a @slashdot.org address would really be cool, but will Rob have enough H/W and Bandwidth to make it work properly (because I'm there are a lot of people that would be interested)?
So what... (Score:1)
Re:So what... (Score:1)
Re:Trust problems (Score:1)
if MS couldn't get Y2k compliance right, why would you expect them to fare better with the thorny problems of trusted systems?
as a general note: a truly "secure" system is a rarity. remember all the things you're trusting on an "end-to-end" link. it's not just one machine to another. even if you have an encrypted channel, you are trusting the integrity of your OS not to leave pages of your session in accessible memory, you're trusting that there's not a keystroke recorder logging your typing before it goes over the wire, you're assuming that your keyboard cable isn't connected w/a Y-adaptor to someone else's box (!), etc.
anyways, i would just say that while IBM, sun, etc. have the research $$ to get this stuff right, there's no guarantee that they will, and i wouldn't expect it to be correct the first time.
Re:Not really a secure e-mail... (Score:1)
Re:Vunerabilities (Score:1)
data between your PC and their server only protects from a sniffer between your PC and their
server. What about the long, circuitous SMTP path that the email took from the sender to their server? That's all plaintext, open to sniffers as well.
The door's reinforced titanium, but someone left the window open. Client to client PGP still looks like the answer.
Inferno Man
ha ha ! (Score:1)
Re: Another Bait and Switch Like USA.NET/Netaddres (Score:1)
Albeit slowly, both hotmail and yahoo can now be retrieved by any email client by using CWebMail http://www.cwebmail.com.
Before beginning to charge for their POP3 access, usa.net's POP server performance was very unreliable -- timing out 50% of the time.
Admittedly, usa.net's email forwarding service is the best out there, offering variable selective filtering to an unlimited number of addresses. It is good for setting up an intermediate forwarding router for web-hosted domains not having POP/IMAP facility available on full server or virtual server services e.g. http://www.esosoft.net. This is worth $1.00 per month -- otherwise there are many other free forwarding services out there -- some include Web/POP3 access, too.
American Express bought a huge chunk of and a large seat on the board so it is not surprising that usa.net started charging for these basic services (or giving them for free to AMEX card holders).
sennin
Re:Trust problems (Score:1)