Tutanota Germany-based encrypted webmail

Discussion in 'privacy technology' started by dogbite, Jul 6, 2014.

  1. Reality

    Reality Registered Member

    Joined:
    Aug 25, 2013
    Posts:
    1,176
    Right. If this is a trend, makes you wonder if they'll stop people signing up via Tor and we know what that means.
     
  2. Palancar

    Palancar Registered Member

    Joined:
    Oct 26, 2011
    Posts:
    2,195
    @mirimir - agreed; without question one can have numerous accounts at any website forum and if "they" know you have in fact been quite careless. On the one in question its especially true because there is a zero knowledge build strategy. The numerous monikers don't exchange communications with each other and even if careless the site owner should not be able to examine those communications in the first place.
     
  3. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    23,934
    Tutanota Now Supports Several Cryptocurrencies for Donations
    Payment support with cryptocurrencies is planned
    July 18, 2018
    https://tutanota.com/blog/posts/cryptocurrency-support
     
  4. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    9,103
  5. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    23,934
    Tutanota iOS App
    August 29, 2018
    https://tutanota.com/blog/posts/new-ios-app
     
  6. dogbite

    dogbite Registered Member

    Joined:
    Dec 13, 2012
    Posts:
    1,260
    Location:
    EU
    Much better that the old one indeed.
     
  7. dogbite

    dogbite Registered Member

    Joined:
    Dec 13, 2012
    Posts:
    1,260
    Location:
    EU
  8. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    23,934
    New client security review
    https://github.com/tutao/tutanota/issues/601#issuecomment-435793028
     
  9. Yuki2718

    Yuki2718 Registered Member

    Joined:
    Aug 15, 2014
    Posts:
    1,909
  10. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    23,934
    Tutanota Releases Dedicated Desktop Clients for Linux, Windows and Mac OS (Beta)
    As an early Christmas present, we invite you all to test the brand-new Tutanota desktop clients
    December 20, 2018

    https://tutanota.com/blog/posts/desktop-clients/
     
  11. deBoetie

    deBoetie Registered Member

    Joined:
    Aug 7, 2013
    Posts:
    1,824
    Location:
    UK
    Thanks for the update on the desktop client @mood. From what I can see, it's an Electron-based browser type app. Also from a quick inspection, it doesn't support U2F, just TOTP for 2FA. But I much prefer a desktop type app to something running in a general purpose browser.
     
  12. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    23,934
    Tutanota launches Secure Connect, an encrypted contact form, to support Press Freedom
    May 3, 2019
    https://tutanota.com/blog/posts/tutanota-launches-secure-connect-encrypted-contact-form/
     
  13. sdmod

    sdmod Shadow Defender Expert

    Joined:
    Oct 28, 2010
    Posts:
    974
    Desktop App
    'Windows 7 or above is required'
     
  14. dogbite

    dogbite Registered Member

    Joined:
    Dec 13, 2012
    Posts:
    1,260
    Location:
    EU
  15. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    23,934
    Secure email provider Tutanota launches free encrypted calendar
    July 8, 2019
    https://tutanota.com/blog/posts/free-encrypted-calendar/
     
  16. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    9,103
    Nice :thumb:

    And I gotta say that I like their approach to encryption with people not using their service. They basically provide them limited accounts, authenticated with a password that the sender has shared through another channel.

    It's not as convenient as supporting GnuPG messages outside Tutanota. But it protects metadata from network observers. Plus, it's good marketing. Better would be if all encrypted email providers securely federated. As Riseup etc have done, exchanging encrypted messages via Tor onion services.
     
  17. TomAZ

    TomAZ Registered Member

    Joined:
    Feb 27, 2010
    Posts:
    1,128
    Location:
    USA
    Yep!! Unfortunately, I found that out as I was hoping to use it with my XP setup. However, I have used their webmail for a few years now and really like it.
     
  18. Palancar

    Palancar Registered Member

    Joined:
    Oct 26, 2011
    Posts:
    2,195
    Yep, I have been enjoying their service for some real name stuff. I really like how TM remembers the unique passwords for each of my contacts. Most of the people I use TM with would never use GnuPG so that is a waste of me attempting.

    My Protonmail accounts are seeing "ads/preliminary" info that now PM is putting together some type of encrypted calendar as well.
     
  19. deBoetie

    deBoetie Registered Member

    Joined:
    Aug 7, 2013
    Posts:
    1,824
    Location:
    UK
    I've found it interesting that, even with a service with free options, manifestly less intrusive and more respectful than the scummy "free but abusive" comparisons, it's still an uphill task to get people to get it, and adopt it. The remaining thing after the calendar feature is, in my opinion, the ability to export the mailbox in bulk and have it encrypted. Many people use mail as a searchable file store.

    I have a similar issue between Signal and the dreaded Whatsapp. Bizarre, except for the network effects and peoples' willingness to be led to the slaughter.
     
  20. Palancar

    Palancar Registered Member

    Joined:
    Oct 26, 2011
    Posts:
    2,195
    The Tutanota calendar is a "work in progress" even by their own admission. Several additional features are in the pipeline, and as is usually the case the desktop client is far superior to their Android app at this point. In fact I don't see calendar at all on my Androids.

    Truth be told I am "toggling" between Protonmail and Tutanota. I use both and they show promise. Biggest downside for me is that TM does not offer a PIN feature on their Android app. I like to secure my Android lockscreen with biometrics but then add a PIN to access an app once beyond that point. With PM if you enter an incorrect PIN several times it wipes the app from the phone, which I like alot.

    Bear in mind this is real name Android security, nothing similar to what I actually consider security, LOL! Either provider being accessed via linux desktop and NEVER any Android could be "hobby" secure if compartmentalized properly. I do that too with different accounts of course.
     
  21. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    23,934
    Court forces e-mail provider Tutanota to release unencrypted messages
    November 15, 2019
    https://www.andreafortuna.org/2019/...der-tutanota-to-release-unencrypted-messages/
     
  22. longshots

    longshots Registered Member

    Joined:
    Oct 20, 2017
    Posts:
    186
    Location:
    Australia
    I've noticed that nobody has ever raised the question about the ultimate pressure that could be applied to both Tutanota and ProtonMail, and that is that they are always under threat of having their domains seized.
    US Government Says It Can Seize Any .Com Domain
    https://www.gizmodo.com.au/2012/03/us-government-says-it-can-seize-any-com-domain/

    And old article which I like to trot out from time to time, but still very relevant today.
     
  23. deBoetie

    deBoetie Registered Member

    Joined:
    Aug 7, 2013
    Posts:
    1,824
    Location:
    UK
    Tutanota at least has a .de domain which could, I suppose, be co-opted at the worst. By default, you need to have registered with that domain though.
     
  24. cb474

    cb474 Registered Member

    Joined:
    May 15, 2012
    Posts:
    351
    I wonder if it's possible to design a system where once the email is received from the outside email service and encrypted on the server of a service like Tutanota it then cannot be decrypted by that service (but rather only by the key/password that the specific user holds). That would obviate this situation.

    Or maybe, at least, the next time the particular user signs in, any new emails from an outside email provider would be reencrypted with the users key/password and the original version wiped.
     
  25. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    23,934
    In this case they can simply be forced to make a copy of the mail before it reaches the mailbox of the user (and before it will be encrypted)
     
Loading...
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.