Unseen.is is a private communications service providing a single web based solution to encrypt email, files, instant messenger and discussion boards. They would like to replace insecure social networks like Facebook and Twitter and take over from email providers with a NSA backdoor like Gmail or Yahoo. The company is hosting the data in Iceland to make it harder for the US government to serve them with a wire tapping order.
Unseen.is implements its own encryption method, claiming that it avoids any possible compromise of the AES cipher or RSA keys by the NSA. Unseen.is premium plan secures data with a One Time Pad algorithm, where the password does not repeat itself and each message is encrypted individually with its own key, hence, even a compromise of the password would only be useful to decrypt a single message and not all communications.
The free plan is enough for medium level security. The main difference in between the free and paid for account is that in premium you get to keep the encryption keys yourself and do not have to trust the company with the power to be able to decrypt data. When you are in control of the encryption keys, even if someone hits Unseen.is CEO with a hammer he would still be unable to decrypt your messages.
The signing up process is simple, only requiring an existing email address and choosing a nickname. Email interface appears to be a customized version of RoundCube, on top of encrypting messages in between Unseen.is users, data does not leave local server so it should not be intercepted by any government agency data mining fibre optic cables.
Sending an email message outside Unseen.is will not be received encrypted but TLSv1 with cipher ADH-AES256-SHA (256/256 bits) is used for transmission and your computer IP is hidden in the email headers replacing it with localhost IP (127.0.0.1). Outgoing emails are also scanned for viruses. Alternatively, the site has instructions on how to configure your own email client for IMAP and you won’t have to use webmail.
I liked that the discussion boards in Unseen.is can be set to private or public for easy discovery, you can join open forums like “Patriots of America” or another one called “Computer Privacy”, besides creating your own encrypted online forum where only those with moderator approval can take part.
Unseen.is and Silent Circle are the only services I am aware of where every day communications (i.e. email, voice and IM) are unified in a single interface. I think that it is a great idea, nobody wants to use a dozen different services for daily activities.
My only complaints about Unseen.is are that payment options are limited to Paypal and credit card. It would be nice of them to add Bitcoin or something more anonymous. And a much bigger complaint I have is that Unseen.is terms and conditions mention a long list of reasons by which your account could be terminated, including using the service to send material that is “hateful, vulgar, obscene”, very ambiguous words that could mean anything the company wants them to mean.
I does not look like Unseen.is terms and conditions allow for the debate of controversial ideas, it could be highly problematic for a group of people to find that Unseen.is closes down their group, with the consequent waste of time.
Another concern about this service is that the encryption they are using has not been widely reviewed and you have to blindly trust their security model at face value, the least Unseen.is could do to reassure customers is to open source part of the code.
This is a very easy way to secure your data,just a pity that they do not have free speech terms and conditions to match their offering, they could also improve it by adding an emergency option to delete the account and all data.