Hacker News new | ask | show | jobs
by higherpurpose 4529 days ago
Nope.

> However, you’re entrusting us to help you maintain your privacy; you should know how we will respond if the government asks us for access to your encryption keys. The government would need those keys if it wanted to read any encrypted files it does obtain. Without them, the files are useless.

> We won’t provide your keys to anyone without your consent — unless we are ordered to divulge them by a judge with jurisdiction over us. If we are ordered to divulge them, we will fight for you to have notice and an opportunity to object.

So I guess I'll keep waiting for a DarkMail client.
2 comments
znelson 4529 days ago
One of our core goals is to bring privacy to the masses without poeple needing to completely ditch their current accounts and infrastructure. We want to seamlessly integrate with the apps people already use so that even non-technical people can use it.

DarkMail would require people to completely ditch everything and jump to a new system.

But for the super-security minded folks we're researching ways we can seamlessly integrate PGP like capabilities into the product so that Virtru would never even be in a position to see the keys at all.

link
gfodor 4529 days ago
so from a security standpoint, this is equivalent to the status quo, except transferring responsibility from Google to a small startup for maintaining keys? I'd be shocked if google doesn't encrypt emails at rest. Is there still plenty of inflight unencrypted SMTP traffic to worry about that this could address? I guess you have to worry about the recipient if you are sending email to a non gmail/hotmail/ymail address?
link
conorgil145 4529 days ago
>> I guess you have to worry about the recipient if you are sending email to a non gmail/hotmail/ymail address?

Virtru allows you to send securely to any recipient, regardless of the email provider they use. The easiest way to read the secure message is to use the Virtru software to integrate with your existing email client.

Our iPhone client uses IMAP, so it works with any email provider that supports IMAP.

Our browser extension currently integrates with Gmail, Yahoo, and Outlook.com. If the Virtru browser extension does not integrate with your email provider, then we provide a mechanism to read the secure email in your browser without installing anything. However, you cannot reply securely without the Virtru software.

link
conorgil145 4529 days ago
>> I'd be shocked if google doesn't encrypt emails at rest

Virtru encrypts email content on the client side, so your email is protected before it ever leaves your computer. That gives you protection in transit and at rest

link