What do we do when we are out on the road, and have no access to our laptops or PGP?
We are faced with a choice between either not sending a document or sending it unsecured. In such a situation, HushMail may be a good compromise.
Although I am suggesting HushMail, I am not at all happy with it for several reasons. Contrary to their claims, it does not handle key distribution. You have no idea who you are really communicating with, as no verification of UserID. But in a very specific case, where you know in advance the people with whom you wish to communicate, it may not be a problem, if you all agree on e-mail addresses in advance. These could be as they are now but @hushmail.com
firstname.lastname@example.org --------> email@example.com
I do not know how good is their encryption. Generation of keys takes place on your machine, either via downloaded software, or if you lack installation permission, via a Java applet that runs on a virtual machine within the web page. Your keys are then stored in an encrypted form on their server. All communication takes place with their server via a secure link.
But, if it is choice between not sending a document or sending it unsecured, then HushMail may be a good compromise.
Also if you wished to send a document to someone outside of the core group, who have already exchanged and agreed e-mail addresses in advance, you could give them a call, ask them to set up a HushMail account, call them back to confirm the e-mail address, then send the document.
An alternative way of doing this would be to send a self-decrypting archive using PGP. You call the recipient, tell them the pass-phrase, then encrypt the archive using PGP, on receipt, they type in the pass-phrase and recover the document. Or better still, you call them after receipt, and tell them the pass-phrase. Slight risk, if their or your phone is bugged, or the line is bugged.
Where I can see a use for HushMail, and maybe its only real use, is for exchanging public keys via a secure route.
You cannot meet, have no trusted third party to verify the keys. You call your friend, he sets up a HushMail account, then you use HushMail to encrypt and sign the key you are sending. You have a tamper-proof method of exchanging keys (assuming everything else in HushMail works).
Although, if you are making the phone call, you could simply exchange key fingerprints.
Think of it as belt and braces. Do both!
In use, HushMail is like using a very kludgy version of HotMail or Yahoo Mail, and very slow.
A security precaution in setting up a HushMail account. If you think you are being monitored, go to a net cafe in some anonymous town or hotel or airport transit lounge and set up the account from there. This of course assumes they do not have keyboard sniffers installed, even worse, keyboard sniffers that jump into action when hushmail is typed!
Remember, setting up a HushMail account, including key generation, is all being done on-line.
When you generate your HushMail keys, you download a Java applet, but before you use it, you are shown a series of signatures etc, in a separate window with no easy means of saving . But how do you verify or validate these? It shows the Hush Certificate has been validated by Thawte Communications. So what? I could have a PGP key that has been signed by Joe Bloggs, it means nothing unless I know Joe Bloggs, or can trace a path back to Joe Bloggs through keys I trust. On the Thawte website, I did a search for HushMail, but it turned up nothing.
In its favour, HushMail is recommended by Phil Zimmermann (designer of PGP) and conforms to the OpenPGP standards.
If you want a highly mobile way to do PGP-style encrypted email, you might consider HushMail, from Hush Communications. HushMail is a web-based encrypted email service that uses a downloaded Java applet to encrypt and decrypt email in your browser. There's nothing to install, because it's all done in your browser. Which greatly simplifies deployment in large corporate environments. It's also handy for road warriors who might need to check their encrypted email from an Internet cafe. Sign up to try out HushMail for free, but if you pay for an upgraded subscription, you get better service and you will be keeping another OpenPGP vendor in business, which the OpenPGP community really needs. And for all you Macintosh fans (such as myself), assuming you are current with Apple's software updates, HushMail now works with Safari on Mac OS X.
I do not envisage HushMail as a serious alternative to PGP, rather as a complement for those tricky situations when it is not possible to use PGP. It may be you do not have your own computer and make use of net cafes, or e-mail from school, college or work, and do not wish anyone to read your personal e-mail, in such cases, HushMail is a more secure alternative to other web based e-mail such as HotMail or Yahoo Mail.
It is possible to communicate with a PGP (or an OpenPGP compliant) user or vice a versa provided you have uploaded and downloaded your PGP public keys to and from HushMail, although this is done via HushTools. But be warned, it is a pain to do, and even then it may not be possible to encrypt/decrypt, if the correct options have not been set.
When downloading a key from HushMail, there is no guarantee as to the validity of the key, and yes, although one assumes you can sign the downloaded key and upload the key to HushMail, this does not help as you do not know the authenticity of the downloaded key in ther first place, and so should not be signing it.
I have downloaded my PGP key off HushMail, but although it has my e-mail adress at HushMail, how do I know it is the key that was automatically uploaded at the time it was generated? If I lack any guarantees, what guarantees does anyone else have that it is my key? It does have another siganure on it, but it means nothing to me. The only guarantee I would have is if, at the time of generation, I had the option of saving the key-pair.
That encrypted e-mail can be sent back and forth and successfully decrypted, is no gurantee we have the right keys, as the classic man-in-the middle attack could be taking place. Indeed HushMail is ideally placed for man-in-the-middle attack on every communication through HushMail between HushMail accounts. Unbeknown to us, we are all communicationg via fake keys, which yes, are always held encrypted, with HushMail holding the real keys. The whole process could be automated.
Man-in-the-middle attack is undetectable. To foil man-in-the-middle attack, we would have to implement the interlock protocol. Only then could we be sure we had a secure channel. Well almost. We have to rely on HushMail using all of the available key space. If only a limited subset of the key space was used, the system is seriously weakened, and open to brute force number crunching and key cracking.
To use HushMail, relies upon Java being enabled, and, if Windows XP, Java having been installed, as you need to run a Java applet within the web page.
The only way I would begin to have confidence in HushMail, especially key handling, would be if I could download my key-pair via a secure link on entering my pass-phrase, and store on my own key ring. I could then use the keys independent of HushMail, sign, pass around and get others to sign. The irony is, that everytme I sign or decrypt a message, I am downloading from the HushMail server, a copy of my secret key, it is just that I do not have direct access to it.
If you are deperate, and there are no alternatives, use HushMail, otherwise stick to PGP.
There are alternative web-based encryption e-mail packages to HushMail, but these I have not looked at.
If on the road, you could have PGP and your keys on a memory stick and run from the stick. You simply plug the stick into a USB port. With Windows XP, no drivers are required. The system simply sees an extra drive has been added. This I have not tried.
Use of a memory stick assumes you have access to a USB port on the machine. With HushMail, all you need is Internet access and a web browser.
Memory sticks have further uses. If you have two, on one, which you keep very private, you store your secret PGP key, on the other, you store all your public keys and any other data you may wish to have handy and easily accessible.