The "P" Word? You Know, Privacy & Psecurity.

From Wired: Hushmail, a longtime provider of encrypted web-based email, markets itself by saying that “not even a Hushmail employee with access to our servers can read your encrypted e-mail, since each message is uniquely encoded before it leaves your computer.”

But it turns out that statement seems not to apply to individuals targeted by government agencies that are able to convince a Canadian court to serve a court order on the company.

Everybody has to answer to somebody, and Hushmail is no exception. Unfortunately, their marketing hype doesn’t convey the nuance that the Threat Matrix and Limitations sections of their “About” page do, along with their Java Help page.

Doubly unfortunate is that many software consumers are unwilling or unable to prioritize which they value more: Security or Convenience. Since consumer and marketing culture are often at odds with the hard reality of taking time to decide what we value most, we end up with situations where someone chooses a convenience optimized security approach when they should have prioritized the privacy protection granted by an account that offered more security.

Having seen the criticisms of Hushmail’s chosen course of action, and being intimately aware of our upcoming plans to introduce a SSL based convenience oriented service for webmail accounts, you can be assured of one thing: we’ll make very clear what the advantages and disadvantages are for each of the many approaches we make (and will be making) available to those who need to protect and control their important information.

By the way, here’s a great resource that Front Line put together called “Digital Security and Privacy for Human Rights Defenders”. Don’t be distracted by the title or their target audience, it’s a great security primer for anybody who values their privacy and can’t count on somebody else taking care of it for them. So educate yourself, and leave the hyperbole to the marketing mavens.