Full Disclosure mailing list archives

RE: hushmail.com, is this true?

From: "J. Oquendo" <sil () infiltrated net>
Date: Tue, 25 Jan 2005 18:20:43 -0500 (EST)



On Tue, 25 Jan 2005, james edwards wrote:

No business can ignore a judges orders to produce whatever required
information. The business can contest the request but if it is proven
out the information must be produced.


You're assuming here. A US Judge has no juridstiction over a company in
another country and vice versa, so even if some US Judge attempted to
subpoena Hush Communications, Hush can pretty much turn around and tell
that judge to piss off. On the other hand though, with the United States'
Gestapo'ish system of "law", countries do tend to comply with each other
on certain occasions. You know... "Osama is using your email services, we
need to see logfiles" (remember kids terrorism is the root of all evil).
Whether or not Hush decides to cooperate is a matter of legal finagling
between them and authorities.

As for the retention of log records, I have not bothered to peruse their
site so unless someone can find where they explicitly state they do not
retain log records, then you could be sure they do keep records. Whether
they give those records to LEA's is something only they could answer,
whether they are being truthful about it or not, is yet another story.

Any system that relies on just one free service to ensure privacy is
useless.


To a degree. There isn't any message I can think of in this world that
would require such "uber" protection. If it were "that" important I know I
would disclose it only via word of mouth as opposed to using any form of
digital communication. Again, if it were that important. If I needed to be
a pain I would do something anal like PGP the message twice, send it
through SpamMimic (http://www.spammimic.com/), embed it in a picture with
some steg program, re-PGP it then send using multiple proxies.

Of course now I would not waste my time with such nonsense, but I do
agree on the "one security model does not fit all" bandwagonese(bushism).




=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
J. Oquendo
GPG Key ID 0x51F9D78D
Fingerprint 2A48 BA18 1851 4C99

CA22 0619 DB63 F2F7 51F9 D78D
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x51F9D78D

sil @ politrix . org    http://www.politrix.org
sil @ infiltrated . net http://www.infiltrated.net

"How a man plays the game shows something of his
character - how he loses shows all" - Mr. Luckey
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Current thread:

Re: hushmail.com, is this true?, (continued)
- - - Re: hushmail.com, is this true? Gregh (Jan 25)
    - Re: hushmail.com, is this true? Pseudo Nym (Jan 25)
    - Re: hushmail.com, is this true? (Libraries, The Patriot Act, Forcoing Issues Etc.) (RAL for some) Steve Kudlak (Jan 26)
    - Re: hushmail.com, is this true? (Libraries, The Patriot Act, Forcoing Issues Etc.) (RAL for some) Valdis . Kletnieks (Jan 26)
    - Re: hushmail.com, is this true? james edwards (Jan 25)
    - Re: hushmail.com, is this true? Ron (Jan 25)
    - Re: hushmail.com, is this true? james edwards (Jan 25)
    - Email Privacy (was hushmail.com, is this true?) J.A. Terranson (Jan 25)
    - Re: Email Privacy (was hushmail.com, is this true?) Etaoin Shrdlu (Jan 25)
- RE: hushmail.com, is this true? Todd Towles (Jan 25)
- RE: hushmail.com, is this true? J. Oquendo (Jan 25)
- Re: hushmail.com, is this true? J. Oquendo (Jan 25)
  - Re: Re: hushmail.com, is this true? Pseudo Nym (Jan 26)