Like something out of Mission: Impossible, a London-based firm hopes to sell Web surfers on the next level of privacy: Encrypted self-destructing e-mail. "There are thousands of cases where people have gotten in trouble because of their e-mail," said Leo Scheiner, CEO of Internet venture Global Markets Ltd. -- the owner of Web-based e-mail start-up 1on1. "They'll send out e-mail without any thoughts of the consequences of what they are saying. That's well and good, but those words have a way of coming back and hitting you in the face."
Call it e-mail for the paranoid.
Requiring a custom e-mail client, the Web e-mail service promises unbreakable encryption to give individuals privacy and corporations some protection against competitors and lawsuits. "What we have is a service that provides what any businessman would want: Confidentiality, reliability, and the ability to assure that your e-mail has arrived," said Scheiner.
With 2,048-bit encryption, trying to break the code hiding users' messages is impossible, he said. Yet, the service has only been running for a week, and is relatively untested. Not for long. The company invites hackers to try their hand at breaking the encryption by offering a standard reward of £30,500 to whoever can do it.
The company adds other features as well. To avoid that pesky e-mail that comes back to bite the writer, 1on1 can automatically be set to delete e-mail after a certain period of time has passed. As an added benefit, the security features of the system also make it nigh impossible to send spam to its users.
Yet, despite its short history, the service is already gathering critics. "(2,048-bit encryption) is ridiculous," said Bruce Schneier, noted cryptographer and author of Applied Cryptography. "It is irrelevant. The security is determined by the password anyway. If the user picks a bad one, the security is bad."
Dov Smith, spokesman for Internet privacy service Zero Knowledge Systems Inc., agrees. "It's less important to look at key length as a barometer of security and more important to look at the implementation," he said. "We look at privacy as a lot more than e-mail." Zero Knowledge's service, known as the Freedom Net, encrypts all communications to the Internet, essentially hiding the user's identity.
Another encrypted e-mail service, known as Hushmail, is also critical of the self-destructing e-mail component of the service. "That's a gimmick," said Jon Gilliam, spokesman for Hush Communications Inc., which runs the Hushmail service. "It's nothing new." Yet, for lawyers, doctors and financial firms, such privacy-enhancing features are gaining popularity, said Global Markets' Scheiner. On that, at least, Hushmail's Gilliam agrees. The Aguilla-based company has also seen a lot of interest from such professionals.
The reason is no mystery. Last year during the anti-trust suit brought by the U.S. Department of Justice, Microsoft Corp.'s chief and several other execs had to defend, not just against the government, but their own e-mails.
That event and others scared some companies, Gilliam said. "When they see Bill Gates fighting his own e-mail in court, that means something," he said "If he can't stop it, who can?"
For 1on1 mail, the answer is obvious.