In the recent fall of Freedom Hosting, a hosting service used by much of the Dark Web, the list of casualties is long. One death in particular has already cast the widest shadow of all: Tor Mail is gone.

Long considered the most trustworthy and popular email service on the Dark Web, users have rapidly fled since Freedom Hosting, which maintained Tor Mail’s previously hidden servers, was compromised and destroyed, and its alleged owner, Eric Marques, was arrested in Ireland. Now, many wonder if Tor Mail’s servers are sitting in a National Security Agency (NSA) office, their contents being read and documented at this very moment.

Dissidents, whistleblowers and journalists have long used Tor Mail. Edward Snowden and Julian Assange are major Tor cheerleaders. But alongside them are some of the most prominent pedophiles and most profitable drug dealers on Web. Nothing about Tor Mail’s demise is certain at this point. We don’t know if its servers have fallen into the hands of criminals or the U.S. government.

Here’s the catch: In theory, it shouldn’t even matter if an NSA agent is browsing through each email at this very moment. Smarter, more careful users of Tor Mail have never sent a clear text email. Software such as PGP (Pretty Good Privacy) takes 15 minutes to master and provides virtually unbreakable encryption, placing emails out of even the NSA’s reach. It’s a breeze. Any cybercriminal worth his weight in stinky California marijuana would take the time to use it, right?

Wrong.

“I post my PGP key everywhere and beg my customers to use it but the majority don’t….. including for some pretty big orders!,” wrote popular ecstasy vendor DrMDA.

“Something like 80 percent of SR users don’t use PGP,” wrote astor, a longtime Silk Roader.

Some vendors, such as prescription drug salesman RxKing, explicitly refuse to deal in PGP, saying it gives a false sense of security.

Sometimes it’s not laziness or complacency, it’s simply a giant mistake.

If you have ever purchased GHB (known as liquid ecstasy or, more commonly, the date rape drug) from the popular Silk Road vendor BlueGiraffe, you may have a bit of worrying to do

BlueGiraffe’s newly hired assistant—yes, top vendors have assistants and entire teams behind their operation—mistakenly emailed the address of every single customer he’s had in over a year of business in clear text. It’s not encrypted, it’s imminently readable, and it’s potentially in the hands of law enforcement right now. Keeping such records is against the rules on Silk Road.

“Though I will never meet any of you in person, you are like a great family that I love and care for very much,” wrote an extremely apologetic BlueGiraffe. “And I have done the worst thing and compromised your safety. I am so sorry.”

Now, despite easy-to-use technology that would have rendered them virtually immune to oversight, thousands of Tor Mail users are perspiring, wondering when the knock on their door will come.

The big question across the Dark Web is what will succeed Tor Mail. Here are the early contenders:

Even when Tor Mail was the de facto king of Dark Web communication, it was not ubiquitous. Now that trust is in short supply, other services have seen an influx of users in the past week.

Many people have wondered if and when another simple and trustworthy Tor email service will pop up. It’s a major market opportunity that comes with serious risk. Hushmail, a Canadian service that was once upon a time the encrypted email darling of the Dark Web, came under immense pressure from the American government and eventually turned over clear text emails to law enforcement in 2007.

What comes next is anyone’s guess. The only sure thing is that any smart user wishing to maintain privacy ought never to fully trust any service and should always encrypt their communications. Anything less is asking for trouble.

Illustration by Jay Hathaway