8
submitted 1 year ago by Saki@monero.town to c/privacy@monero.town

A storefront, said Ortis, is a fake business or entity, either online or bricks-and-mortar, set up by police or intelligence agencies.

The plan, he said, was to have criminals use the storefront — an online end-to-end encryption service called Tutanota — to allow authorities to collect intelligence about them.

Tutanota (now Tuta) denies this: https://tuta.com/blog/tutanota-not-a-honeypot

top 9 comments
sorted by: hot top controversial new old
[-] workerONE@lemmy.world 3 points 1 year ago

Something sounds off here. Maybe the RCMP had a backdoor or a warrant or something into tutanota but it's not a storefront like the article says.

"A spokesperson for Tutanota, now Tuta, denied the claims. "[Tuta] is not owned or operated by any secret service, nor is it a 'storefront' as claimed by Cameron Ortis,""

[-] IP2@monero.town 2 points 1 year ago
[-] workerONE@lemmy.world 2 points 1 year ago* (last edited 1 year ago)

Who is accusing them of this and what is the accuser's reputation? According to this article, one Canadian official was told by someone that they had a PLAN to use tutanota is a malicious way, but there's not even an accusation that anything ever happened. https://cyberwarzone.com/is-tutanota-a-honeypot-for-intelligence-agencies/

Tutanota's reply: "Hi there, these allegations are absolutely false. Tuta was founded in 2011 by Arne Möhle and Matthias Pfau who knew each other from studying together at FHWD university in Germany. To this day, the company is wholly owned by Matthias and Arne, and is not liable to anyone else.

The Tutao GbmH is not owned by any secret service, nor is it a "storefront" as claimed by Cameron Ortis. These allegations are completely untrue.

With offices in Germany we only respond to valid warrants issued by German courts. You can read more on this in our Transparency Report: https://tuta.com/blog/transparency-report

In addition, Tuta is open source and the entire client code is published on GitHub. Thus, everyone can inspect the code and verify how the end-to-end encryption in Tuta works and that there are no backdoors hidden in the code."

[-] Saki@monero.town 3 points 1 year ago

In addition, Tuta is open source and the entire client code is published on GitHub.

One can freely share “good” source code while actually using something different; which might be an intrinsic problem of an “open-source” web service. Plus, one has no reason to believe that the service has never been compromised: someone might have a backdoor that Tuta itself is unaware.

I’d like to believe that Tuta is not evil, but ultimately that’s anyone’s guess. I’d recommend true e2e (local-to-local) such as PGP, rather than trusting a middle-man e2e provider.

[-] autotldr@lemmings.world 2 points 1 year ago

This is the best summary I could come up with:


Cameron Ortis, the former RCMP intelligence official on trial in Ottawa, says he was tipped off by a counterpart at a "foreign agency" that the people he's accused of leaking secrets to had "moles" inside Canadian police services.

"I had sensitive information from multiple sources that each of the subjects had compromised or penetrated Canadian law enforcement agencies," Ortis testified last week.

The testimony is contained in redacted transcripts released Friday evening, more than a week after the former civilian member began testifying in his defence during his unprecedented trial.

The Crown alleges Ortis used his position as the head of a highly secret unit within the RCMP to attempt to sell intelligence gathered by Canada and its Five Eyes allies to individuals linked to the criminal underworld.

Ortis is accused of sharing information in 2015 with Ramos, the head of Phantom Secure, a Canadian company that made encrypted devices for criminals.

Under cross-examination, Crown prosecutor John MacFarlane asked why Ortis didn't approach one of the Five Eyes partners to discuss his plans with them "just generally."


The original article contains 994 words, the summary contains 175 words. Saved 82%. I'm a bot and I'm open source!

[-] tusker@monero.town 2 points 1 year ago* (last edited 1 year ago)
[-] syfershock@syfershock.com 3 points 1 year ago

@Saki @tusker @Tutanota

This gosssip circus is a top-notch advertising campaign, free of charge. You could not have ever hoped to pay gold doubloons for such advertising. The Internet hive mind says, 'gratis'.

[-] orwelwasright@monero.town 1 points 1 year ago
[-] Saki@monero.town 2 points 1 year ago

You can use any email provider in a pretty privacy-friendly way, as long as you sign up anonymously, always use it via Tor, and (most importantly) do gpg locally and just paste ascii. Don’t share your secret key with them/anyone!

  • Monero users understandably tend to like Monero-accepting services. Tuta does, albeit indirectly; Proton doesn’t. There is also cyberfear.com, a less known anonymous email provider accepting xmr, but maybe no one is sure if it’s okay.
  • Despite all potential issues, for normal users who are still using Gmail etc., Proton/Tuta are still recommended (simply because they’re better than Google).
this post was submitted on 15 Nov 2023
8 points (100.0% liked)

privacy

2 readers
1 users here now

Rules (WIP)

  1. No ad hominem allowed
  2. Attack the idea, not the poster

founded 1 year ago
MODERATORS