Please Scroll Down to See Forums Below
hushmail safety??
- Thread starter Svengali
- Start date
gymratforlife
Banned
Quit assuming shit people no one is getting into hush accounts that easy if they could then every one would keep using yahoo.
enacer420nj
Well-known member
slat1 said:
were they talking specifically about the lab that was busted? Im sure the guy would give up his hush password if he thought it was going to help him.
gjohnson5
New member
Ireland huh??
That beyond US juridiction but they still can cooperate.
do you know if they keep a copy of encrypted communications?
If not , then simply POP your email and use PGP http://www.pgp.com/ to unencrypt to keep them out of your mailbox . Put your hushmail keys in your pgp keyring and that should do it
That beyond US juridiction but they still can cooperate.
do you know if they keep a copy of encrypted communications?
If not , then simply POP your email and use PGP http://www.pgp.com/ to unencrypt to keep them out of your mailbox . Put your hushmail keys in your pgp keyring and that should do it
Access said:
perryscoon
New member
All the emails in the world don't prove a thing until they find gear.
Think about this guys.
You walk up to a cop on the corner and say, "I have a huge bag of cocaine at my house." The cop will either think you're a loon and tell you to away, or he'll arrest you and go get a warrant to search your house. Say he gets a warrant and searches your house and finds nothing. What charges could they possibly file? Pretending to possess coke? lol
But this of course is rediculous because rappers say they have killed people, dealy drugs, pimped hoes, stolen cars, etc. in their songs all the time and you don't see the feds running to arrest them for saying things like that do you?
I think that at best, they could try to give you an "attempting to purchase anabolic steroids" charge if all they could find was emails. And even then, they would have to prove that YOU wrote the emails, which is impossible.
Think about this guys.
You walk up to a cop on the corner and say, "I have a huge bag of cocaine at my house." The cop will either think you're a loon and tell you to away, or he'll arrest you and go get a warrant to search your house. Say he gets a warrant and searches your house and finds nothing. What charges could they possibly file? Pretending to possess coke? lol
But this of course is rediculous because rappers say they have killed people, dealy drugs, pimped hoes, stolen cars, etc. in their songs all the time and you don't see the feds running to arrest them for saying things like that do you?
I think that at best, they could try to give you an "attempting to purchase anabolic steroids" charge if all they could find was emails. And even then, they would have to prove that YOU wrote the emails, which is impossible.
Hush is basically a Java front end for PGP -- training wheels, in other words. PGP is "Pretty Good Privacy." The guy who wrote it didn't make grandiose claims about it, but it's better than anything from WWII.
Here are a few basics -- your key, your passphrase, has got to be LONG and COMPLEX. A program can run through all the possible combinations of eight or ten letters in a few minutes. "Yo mama" is not a good passphrase, in other words. Unless you have to type for a full four seconds to enter your passphrase, you're wasting your time using PGP. All that does is call attention to your mail without really protecting it.
The feds no doubt have tricks that would make a mere mortal like me faint dead away. But the local PD? You're dealing with some guy who took a two-day forensics course at community college. He'll try a list of stupid passwords, and if you were stupid enough to use one of them, he's in; but if your passphrase is as long as it should be, then fuck, no, he's not going to break PGP. The guy who wrote PGP spent ten years fighting to stay out of jail; he didn't do that just so someone could backdoor it.
On the other hand, spammers now "own" a third of the PC's on the planet. That's because it's trivial to turn a Windows PC into the bitch of some Russian Mafia pimp. Anyone who says "I use Garbage-O and it makes Windows safe!", I call bullshit. It's got to be at least that easy for the FBI.
Also, if you only encrypt some of your email it's just like saying "Here's the good stuff! Focus on this message right here!" The Man calls that traffic analysis, but it's just a matter of figuring out "Who have you been talking to?" and then they go talk to that person. What do you get when you add one smart person and one stupid person? Two stupid people.
I know that we have a guy here who worked on the EFF's (Electronic Frontier Foundation) anonymity system, which sounds wonderful but it's run by volunteers. "Gee, what's the easiest way to get my hands on a stack of internet traffic from people who think they have something to hide?" You got it -- become one of those volunteers. Press report earlier this month, guy used his insider status to read tons of unencrypted messages that were delivered straight to the "nodes" he contributed to the project.
The people using the anonymity service didn't understand the difference between anonymity and encryption. You need BOTH.
(By the way -- the only people who have used the EFF system here have been spammers and trolls, trying to get around being banned. It doesn't even help them with that; it just makes them stick out more.)
So... follow GJ's suggestion and learn how to use PGP without the training wheels.
Ditch Windows. Get a Linux "live CD." You have to keep records? Don't save anything to your hard drive. Save stuff to a thumbdrive and encrypt the hell out of it -- PGP can do that once you learn how to use it.
Hushmail is a hell of a lot better than nothing, and the people talking it down are mostly blowing smoke; it's just not the whole solution.
Here are a few basics -- your key, your passphrase, has got to be LONG and COMPLEX. A program can run through all the possible combinations of eight or ten letters in a few minutes. "Yo mama" is not a good passphrase, in other words. Unless you have to type for a full four seconds to enter your passphrase, you're wasting your time using PGP. All that does is call attention to your mail without really protecting it.
The feds no doubt have tricks that would make a mere mortal like me faint dead away. But the local PD? You're dealing with some guy who took a two-day forensics course at community college. He'll try a list of stupid passwords, and if you were stupid enough to use one of them, he's in; but if your passphrase is as long as it should be, then fuck, no, he's not going to break PGP. The guy who wrote PGP spent ten years fighting to stay out of jail; he didn't do that just so someone could backdoor it.
On the other hand, spammers now "own" a third of the PC's on the planet. That's because it's trivial to turn a Windows PC into the bitch of some Russian Mafia pimp. Anyone who says "I use Garbage-O and it makes Windows safe!", I call bullshit. It's got to be at least that easy for the FBI.
Also, if you only encrypt some of your email it's just like saying "Here's the good stuff! Focus on this message right here!" The Man calls that traffic analysis, but it's just a matter of figuring out "Who have you been talking to?" and then they go talk to that person. What do you get when you add one smart person and one stupid person? Two stupid people.
I know that we have a guy here who worked on the EFF's (Electronic Frontier Foundation) anonymity system, which sounds wonderful but it's run by volunteers. "Gee, what's the easiest way to get my hands on a stack of internet traffic from people who think they have something to hide?" You got it -- become one of those volunteers. Press report earlier this month, guy used his insider status to read tons of unencrypted messages that were delivered straight to the "nodes" he contributed to the project.
The people using the anonymity service didn't understand the difference between anonymity and encryption. You need BOTH.
(By the way -- the only people who have used the EFF system here have been spammers and trolls, trying to get around being banned. It doesn't even help them with that; it just makes them stick out more.)
So... follow GJ's suggestion and learn how to use PGP without the training wheels.
Ditch Windows. Get a Linux "live CD." You have to keep records? Don't save anything to your hard drive. Save stuff to a thumbdrive and encrypt the hell out of it -- PGP can do that once you learn how to use it.
Hushmail is a hell of a lot better than nothing, and the people talking it down are mostly blowing smoke; it's just not the whole solution.
Similar threads
