Based on some intelligent information that I’ve received, the story behind the forceful request of Tutanota mail (tutanota-dot-com) for creating a recovery key, is just the authority of Ger~man intelli~gence ser~vice for accessing users email on Tutanota’s servers. so this means that they created a backdoor on the Tutanota mail servers. The request for the creating of ‘Recovery Key’ for Tutanota email never requested by users base(as far as I’m aware), but this will be the end of privacy for Tutanota mail users. Even from start, Tutanota will not allow users to Encrypt the emails by PGP, so this was emails will be encrypted twice(while even PGP is broken by three letter agencies before, also this, using it will better than don’t have any encryption at all, at least when you have a web-server, emails in your web-server encrypted by PGP key, is a little safer than you are not doing it at all.), this would be safer.
I don’t have any alternative options to suggest at the moment and I’m not sure that proton-mail be safer than Tutanota as well.
I don’t have a printable proof for this, as this kind of information will ever go public on newspapers ever.
I’m curious to learn more about your source for this, @Blonde. Having a recovery key for services where the content is encrypted with the user’s password is quite common, so assuming that it’s a backdoor for German intelligence services seems a bit far-fetched to me given lack of other evidence.
Dear Fed agents: always when I’m posting, I’m behind the TOR networks and 5 connected layers of different VPN in different countries who boughten over anonymous internet by crypto and connected over public internet via live version of Tails where there is no CCTV. thank you?
who knows that what strategy is implemented in that one, while this is an older product in the market. But I think they may have a darknet domain here protonirockerxow.onion but rumor said they don’t let registration over darknet(this flag up my security+privacy concerns)
As per my knowledge, three letter agencies will attack all the encryption, protocols and middlewares. Unless you are qualified and know the process of how to make a encryption system that is three letter agencies proof, I guess anyone most probably fails.
Also I heard the police invented a new structure, that is turning off CCTV and rotating cameras 180-degree to opposite side. Simply they force you to speak and answer questions or going over bed with you,… This happened to someone I know in UK. When she complained to IOPC, the police denied everything and claimed ‘she is complaining to claim for compensation’ to deny her claim base. I forgot to mention, she was the victim and complained to police, so they give her justice lol
protonmail update: They ask for a telephone number for verification against Spam lol when registering, if you refuse/(sometimes-even-accept) to put recovery email(while opening the free 500MB email). It’s not possible to bypass telephone registration. So this is an invasion of privacy line again.
Bro. You really need to do some studying. First of all, a recovery code is not a government backdoor. Tutanota does not have access to your recovery code. It does not allow them to decrypt your messages. It, essentially, is a second password. Second of all, you are not doing yourself any favors by connecting to Tor via a VPN.
Youre claims are ridiculous. It’s like saying because tutanota asks for a password that means they are able to back door you
What led you to think this in the first place? I am confused as to how you could come to the conclusion that a recovery code means that tutanota can backdoor your account? All their software is open source.
You have done nothing but put fear and doubt in to the mind of users and stirred the pot, as well as demonstrate your complete lack of understanding of the subject. Shame.
No, that’s wrong. Firstly someone’s complete lack of cryptography knowledge exposed here in the last post that is mentioned “What do you mean back up your encryption. Key? The password you enter to decrypt your device IS your decryption key.” while this is wrong, as the answer is, an Encryption key is that can be used to restore the dmcrypt header, this(backup of the key) is for fail-safe in every standard encryption procedure.
Secondly, there are many reasons that backdoor claim is true, one proposal is by Mathematics theories say that if we can find one occasion that theory does not work, we prove that theory is false. This key can be created by using an algorithm over a series of data that user provides, thus while users even didn’t ask for this boldly, and its added, and this is a key that can be used by a supercomputer to search all emails in databases decrypted to find and flag up some accounts. While users that already flagged for a reason, that make the job easier for feds as they can decrypt that account using this key. This is a strategic cryptography matter for whom they know.
Thirdly, someone’s ridiculous claim that using TOR without VPN is safe can have suspicious bases:
Someone completely misleading for unknown and suspicious reasons, this can be one scenario;
In five eyes to 14-eys countries also NATO areas, all people used the TOR without proper VPN setup or without proper encryption, where that service isn’t bought on proper anonym internet by proper crypto or user doesn’t have DNS encryption over TLS, she/he will be exposed to feds and will be flagged up on feds blacklist, that will affect you from when you are traveling abroad to when you are applying for clearance for job(even as a front job). This will be a permanent lifelong effect.
For whom that don’t have criminal records and researching/shopping under the radar, they know that keeping cover how much is important. It’s foolish that smart girl exposes herself unless she has a prison wish;
Whenever someone in 14 eyes countries uses the TOR, this node will be tracked back to her/him, will expose his location and real IP and leads to unencrypted information. As feds themselves will running the some of the TOR nodes for you, under the name of,… They will track people down and lunch a honeypot for the victim,(fake website, fake cell tower, fake phone call from a legitimate number that you know or saved in phonebook) leading her/him to a fake website based on her/his searches interests, just clicking on products that it’s illegal to buy(even party drugs) or placing an order, will lead to jail sentence with no appeal possible, e.g. Ross Ulbricht case and how he gets arrested because of running an online shop is an example.
Sadistic Feds are more males have more eager to catch cutie pie girls then ugly ones, sometimes secret agencies looking to trap the smart ones, when they get caught to undertake the torture from hell in prison:
Or forcing her to accept to co-operate for life as an agent until she dies in mission impossible:
This is some innocent British teenagers who caught by NCA/GCHQ and forced to work under minimum wages or spend a long and traumatic jail time:
UK gave survillance power to Secret Servicies and Police to break into British peoples privacy lines, as same level of power of dictator countries have over their citizens:
