| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: sil at infiltrated.net (J. Oquendo) Subject: RE: hushmail.com, is this true? On Tue, 25 Jan 2005, james edwards wrote: > No business can ignore a judges orders to produce whatever required > information. The business can contest the request but if it is proven > out the information must be produced. You're assuming here. A US Judge has no juridstiction over a company in another country and vice versa, so even if some US Judge attempted to subpoena Hush Communications, Hush can pretty much turn around and tell that judge to piss off. On the other hand though, with the United States' Gestapo'ish system of "law", countries do tend to comply with each other on certain occasions. You know... "Osama is using your email services, we need to see logfiles" (remember kids terrorism is the root of all evil). Whether or not Hush decides to cooperate is a matter of legal finagling between them and authorities. As for the retention of log records, I have not bothered to peruse their site so unless someone can find where they explicitly state they do not retain log records, then you could be sure they do keep records. Whether they give those records to LEA's is something only they could answer, whether they are being truthful about it or not, is yet another story. > Any system that relies on just one free service to ensure privacy is > useless. To a degree. There isn't any message I can think of in this world that would require such "uber" protection. If it were "that" important I know I would disclose it only via word of mouth as opposed to using any form of digital communication. Again, if it were that important. If I needed to be a pain I would do something anal like PGP the message twice, send it through SpamMimic (http://www.spammimic.com/), embed it in a picture with some steg program, re-PGP it then send using multiple proxies. Of course now I would not waste my time with such nonsense, but I do agree on the "one security model does not fit all" bandwagonese(bushism). =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ J. Oquendo GPG Key ID 0x51F9D78D Fingerprint 2A48 BA18 1851 4C99 CA22 0619 DB63 F2F7 51F9 D78D http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x51F9D78D sil @ politrix . org http://www.politrix.org sil @ infiltrated . net http://www.infiltrated.net "How a man plays the game shows something of his character - how he loses shows all" - Mr. Luckey
Powered by blists - more mailing lists