You can't deny that Pushbullet is insanely useful, and it gets more so with each update. However, Pushbullet does see a lot of your data in plain text, and there's been growing demand for better security. As of today, Pushbullet supports end-to-end encryption for SMS, notification mirroring, and universal copy-paste.
In a recent conversation on Reddit, Pushbullet's lead developer dug into the issue with users. Pushbullet has always used https to secure connections, but the Pushbullet servers still see all your data in plain text. So why the need for encryption? If you're the paranoid sort, you might worry that a malicious individual could gain access to the servers, or insert him/herself between Pushbullet and your devices. Hey, if we're making up hypotheticals, Pushbullet might also reveal itself to be a cover for Hydra at some point in the future and begin using all your data for world domination.
Of course, these things are not particularly likely, but now you can protect yourself by entering your chosen password for end-to-end encryption in the settings (it's AES-256). Do that, and your data will be encrypted before it leaves your device and won't be decrypted until it reaches another device connected to your account. Additionally, the key derived from your password is never sent to the server. That means the only thing Pushbullet (or anyone listening in) will see is encrypted data.
End-to-end encryption will be live today for Pushbullet on Android, Chrome, and Windows (the update should be out soon, if not already). The iOS update is pending and the Mac app will be done soon. The Opera and Firefox extensions will be rolled out as soon as Chrome is confirmed to be working properly.
- Pushbullet Blog