On Thu, 9 Dec 2010 15:03:42 -0500, Adam M. Dutko <[email protected]> wrote: > How do they deal with legal jurisdiction? Technically the government can > still subpoena and they'd have to turn over the documents in the persons > account, including backups. I "pine" for "Sealand" but even then one would > have to trust the owners of Sealand not to snoop. Again, the best solution > is probably run your own.
Yes, this is along the lines of what happened to Hushmail, if you remember them. They had a Java applet-based webmail system where encryption was performed locally on the user's computer, and they liked to advertise that the Hushmail servers never even handled plaintext copies of users' OpenPGP encrypted messages. But the problem was that the authorities could still compel Hushmail to serve a malicious Java applet to specific users: http://en.wikipedia.org/wiki/Hushmail#Controversy That's not Hushmail's fault of course -- as a service provider, you can only promise so much privacy to your users unless you're willing to secede and maintain your own army. This means that as a user, you can only get strong privacy if you're willing and able to roll your own. (Whether you actually *need* that kind of privacy is another matter...) -- Mark Shroyer http://markshroyer.com/contact/
