Friday, November 21, 2014

Hush now ( alternative email security in a pinch )

If you ever needs to send something via email and have no security enabled mail client, than hush mail might be beneficial for you.

After building an account, you can craft  a email and set the passphrase  that you will share with the recipient via an out-of-band ( OOB ) channel like SMS, voice call, etc...

note: please don't use test1234567890 as a pass-phrase ;)

The email receiver will get an email message with a direct link to the encrypted email message in his inbox. This provide 100% security to the content since you download the  message over  a HTTPs session.

If the email was intercepted and  if the  a login/brute force attack was taken, the mail will be automatically delete after 5 failures.


and then the mail is deleted;

This service is great for those that don't know how to implement  PGP and keys management. I still will suggest that you use local encryption if you need 100% secure email communications.

You can read about the legal issues with hushmail  at the below link.

example of a simple composing

Ken Felix
NSE ( network security expert) and Route/Switching Engineer
kfelix  -----a----t---- socpuppets ---dot---com
   ^      ^
=(  $  $ )=
      /  \

No comments:

Post a Comment