Search the Community
Showing results for tags 'tutanota'.
Found 3 results
steven36 posted a topic in Security & Privacy Newsfrom the what-are-you-so-afraid-of dept The Russian government continues to escalate its war on encrypted services and VPNs. For years now, Putin's government has slowly but surely taken steps to effectively outlaw secure communications, framing the restrictions as essential for national security, with the real goal of making it harder than ever for Russian citizens to dodge the Putin government's ever-expanding surveillance ambitions. The latest case in point: starting last Friday, the Russian government banned access to encrypted email service Tutanota, without bothering to provide the company with much of any meaningful explanation: In a blog post, the company notes that Tutanota has been blocked in Egypt since October of last year, and that impacted users should attempt to access the service via a VPN or the Tor browser: "Encrypted communication is a thorn in the side to authoritarian governments like Russia as encryption makes it impossible for security services to eavesdrop on their citizens. The current blocking of Tutanota is an act against encryption and confidential communication in Russia. ...We condemn the blocking of Tutanota. It is a form of censorship of Russian citizens who are now deprived of yet another secure communication channel online. At Tutanota we fight for our users’ right to privacy online, also, and particularly, in authoritarian countries such as Russia and Egypt. Except VPNs have been under fire in Russia for years as well. Back in 2016 Russia introduced a new surveillance bill promising to deliver greater security to the country. Of course, as with so many similar efforts around the world the bill actually did the exact opposite -- not only mandating new encryption backdoors, but also imposing harsh new data-retention requirements on ISPs and VPN providers forced to now register with the government. As a result, some VPN providers, like Private Internet Access, wound up leaving the country after finding their entire function eroded and having some of their servers seized. Last year Russia upped the ante, demanding that VPN providers like NordVPN, ExpressVPN, IPVanish, and HideMyAss help block forbidden websites that have been added to Russia's censorship watchlist. And last January, ProtonMail (and ProtonVPN) got caught up in the ban as well after it refused to play the Russian government's registration games. While Russian leaders want the public to believe these efforts are necessary to ensure national security, they're little more than a giant neon sign advertising Russian leaders' immense fear of the Russian public being able to communicate securely. Source
steven36 posted a topic in Security & Privacy NewsThe e-mail provider Tutanota advertises to be the “world’s most secure e-mail service”. The company offers encrypted e-mail communication and claims to have six million customers relying on this security promise. However, on October 2, 2018, the district court of Itzehoe asked managing director Matthias Pfau to provide the e-mails of Tutanota unencrypted and in real time to the police . Why? In the previous months hackers blackmailed several companies based in Schleswig-Holstein, using an e-mail address from Tutanota. So the investigators wanted to read the e-mails to get the cyber criminals on the track. So this case leads to a dispute between security authorities, who claims that too secure encryption methods avoids the tracking of suspect, and privacy advocates, who want more data to be encrypted to better protect citizens and businesses from criminals, espionage and data hunger by tech companies. How Tutanota works? Tutanota’s service works like this: when two users write an e-mail, it is automatically protected with the most secure end-to-end encryption. Only sender and receiver can read the message. However this works only between tutanota users: mail providers like Google or Hotmail do not have such protection. If a customer receives an e-mail from a person who does not have a Tutanota account, according to provider FAQ, the message was automatically encrypted as soon as it lands on Tutanota servers. The court request Therefore, the district court asked to Tutanota that the entire contents of the e-mails be sent out without end-to-end encrypted. The company initially refused, however, five months later, the court ruled that Tutanota must hand over the data and imposed a fine of $ 1,000. Now Tutanota has to program a new function for the prosecutors: If an account has a valid legal order from a German court, the company must also create a copy of the e-mails that the investigators can read. Obiously, authorities still cannot read mails sent with end-to-end encryption between Tutanota users. So what? In this reddit thread on /r/privacytoolIO , Tutanota team attended the conversation, basically confirming concerns of privacy conscious users: Hi there, Tutanota team here. We came across this discussion and would like to clarify some points: End-to-end encrypted emails are not affected. End-to-end encrypted data (calendar, contacts, etc) are not affected. This applies only to non-encrypted emails received/sent after the court has been issued. A valid German court order is required for this, 4 have been issued in the first half of 2019. This applies only to non-encrypted emails received So all emails received from every other email provider except for tutanota? Yes, unless they use the e2e feature, which also works with external email addresses. My 2 cents In a privacy context, relying on just one security layer is wrong. Thinking that with a secure provider your messages are secured and confidential means overstimate your privacy model. So, reinforce every sensible message with an additional layer of security, using (for example) PGP encryption , suitable also from webmails and with providers less privacy-focused (like Gmail), using a specific browser extension . References Tutanota seems to be forced to provide access to emails soon. The GNU Privacy guard Mailvelope Gericht zwingt E-Mail-Anbieter, Daten herauszugeben – Digital – Süddeutsche.de Source
Batu69 posted a topic in Security & Privacy NewsFreemium, open source encrypted email service, Tutanota, which is based in Germany, is offering to “donate” (as it puts it) the business version of its end-to-end encrypted email service to non-profits — so they either don’t have to pay for the service, or can tap into it at a half-price discount. “We are donating Tutanota because we believe the world can change and must change, particularly when it comes to the problem of mass surveillance. With this donation we want to do our part and make a difference to change the Internet for the better,” says co-founder Matthias Pfau. “We at Tutanota see ourselves as Freedom Fighters. We believe in human rights such as our right to privacy and freedom of speech. But as these rights are being cut by governments around the world, we need to fight back.” Tutanota does already offer a free service for private individuals, with 1GB of storage. But its premium product offers various paid tiers, starting from €1.20 per month, which includes things like extra storage, extra aliases, the ability to host at your own domain, additional power-user features, and so on. The donation offer, which Tutanota notes is being run in conjunction with two partner organizations which will be collecting a “small administration fee” to cover their costs (so it’s not 100 per cent gratis) — is currently available to non-profits in Austria, Canada, France, Germany, Netherlands, and Switzerland. Pfau says more countries will follow — including the UK and Poland. While he notes that non-profits located elsewhere can still get the business account with a 50 per cent discount. Also worth noting: Non-profits taking up either offer can only get 50 user accounts (so larger organizations are going to fall outside this offer). The free offer also includes 100 aliases and 1 GB of storage. On the latter, Pfau says more storage can be added if needed — thought non-profits will need to pay for any expansion. “Storage has to be added at the normal prices as we ourselves have to pay for the servers. However we keep prices for this as low as possible, and organizations can add the required storage package that is then shared among all users,” he adds. Tutanota, which started back in 2011, now has more than two million users, and “tens of thousands” of paying customers, according to Pfau — with its best markets being in Europe and the US. Article source