[liberationtech] Snakeoil and suspicious encryption services
Steve Weis
steveweis at gmail.com
Fri Jul 18 08:32:36 PDT 2014
I wouldn't use any of these. InfoEncrypt is especially bad. If a
product doesn't have a link to source code, doesn't have detailed
documentation, or relies on code running on their servers, then do not
expect privacy of your messages.
Somewhat relevant, I recently gave a talk about "Crypto Projects that
Might Not Suck":
http://saweis.net/pdfs/CryptoMightNotSuck-2014.pdf
On Fri, Jul 18, 2014 at 7:59 AM, Lorenzo Franceschi-Bicchierai
<lorenzofb8 at gmail.com> wrote:
>
> After The New York Times video suggesting a few questionable services to
> encrypt email (see here:
> http://www.nytimes.com/video/technology/personaltech/100000003002385/easily-encrypt-your-email.html?smid=tw-nytimes)
> I was wondering if it's time to make a list of not-so-good snakeoil
> encryption services that have popped up after the Snowden revelations.
>
> As a reporter, I have received pitches for around a dozen different
> products, but wanted to ask you if you've seen any, and why you think
> they might not be good. Here's a short list to get you started (I'm not
> saying all these are terrible, we should look into them and figure out
> why they might or might not be good):
> - -Virtru (https://www.virtru.com/)
> - -Shazzlemail (http://shazzlemail.com/)
> - -Protonmail (https://www.indiegogo.com/projects/protonmail)
> - -InfoEncrypt (https://www.infoencrypt.com/)
More information about the liberationtech
mailing list