GhostMail Ends Services ‘To Prevent Misuse’

GhostMail, an email service that claimed to offer “military encrypted and self-destructing” email services, said it has decided to stop providing individual accounts in order to prevent its tools from being used by “the wrong people”.

The service, started in 2014, said it would stop providing both free and paid individual accounts as of September 1, but planned to continue selling its enterprise email services.

‘Not worth the risk’

“Since we started our project, the world has changed for the worse and we do not want to take the risk of supplying our extremely secure service to the wrong people – it’s simply not worth the risk,” the company said in a statement on its website.

GhostMail said it planned to issue refunds to users of its paid individual email services “directly”.

The company, which claimed on its website to be operated by an independent and “non-American” organisation, said it does “not gather and capitalise” on users’ details.

“By using GhostMail you are protecting yourself and limiting the risk of a range of e-crimes, mass surveillance and intimidating marketing schemes,” the company stated.

GhostMail also offered chat and cloud storage services. It referred users looking for secure email to Switzerland-based ProtonMail.

The company did not immediately respond to a request for further comment.

Encryption misuse

Encrypted services such as GhostMail were launched in the wake of 2013 disclosures of widespread data surveillance programmes operated by the US government, with companies such as Apple and Google also adding encryption to their messaging tools.

Law enforcement bodies, however, have warned that such services are ideal for criminals and militants.

GhostMail’s decision follows not long after police found that at least one of the two killers responsible for the murder of a priest last week used secure mobile messaging application Telegram to discuss his plans.

Adel Kermiche, 19, used the app to publish audio files detailing his intent to cause “carnage” in a church a few days before committing the murder, according to a report by French magazine L’Express last week.

The files were published on a chat group with about 200 members, according to the report, which cited files provided by an unnamed source and confirmed by police.

A few days later, on Tuesday, 26 July, Kermiche and Abdel Malik Petitjean, also 19, entered a church in Saint-Etienne-du-Rouvray, near Rouen in Normandy, during morning mass and cut the throat of Father Jacques Hamel, 86. The two were killed by police after taking hostages.

Security vs. privacy

The approach used by services such as GhostMail may leave them open to abuse, according to security experts.

“As GhostMail has no way of perusing its customers’ encrypted conversations it wouldn’t know who would be up to no good, and who wouldn’t,” said IT security researcher Graham Cluley in a statement.

WhatsApp also claims to offer secure messaging, although an IT security researcher recently found that the service leaves forensically recoverable copies of messages on mobile devices, desktops and servers.

Are you a security pro? Try our quiz!