TUTANOTA IS COMPROMISED

David Torres
David Torres

WARNING

Tutanota recently released a new recovery code feature that allows a user to recover their account if they forget their password. This recovery code adds a second method to decrypt your private key and thus your emails. This feature was never asked for by the user base, and they refuse to let users opt out of creating a recovery code. Each time you log in to Tutanota you will see a pop-up requesting that you create a recovery code.

Now I will explain why this is happening:

I work within the German government, and I know for a fact that Tutanota was served an order by the intelligence services to create a database that can be used to decrypt any user's email address upon request. Tutanota is currently under a gag order and cannot speak about this request publicly. This is basically Hushmail/Lavabit 2.0. The recovery code is essentially a government recovery code / backdoor used to read your email if requested by the government.

I'm posting via a public WiFi with a disposable device in a location with no CCTV cameras. This was very hard to do, and I won't be posting again so please do not delete this thread. Users please screencap or archive the thread. I felt I must warn people, especially journalists who rely on the security of Tutanota and may reside in countries with oppressive regimes or human rights abuses.

Attached: 37860a6c17620ce130a5ea98ae4d904422f06aa14de035ad88767d8843926eb7.jpg (3.79 KB, 255x255)

Other urls found in this thread:

bleepingcomputer.com/news/security/hacker-say-they-compromised-protonmail-protonmail-says-its-bs/
bitmessage.org/wiki/Main_Page
github.com/TokTok/c-toxcore/issues/426
tutanota.uservoice.com/knowledgebase/articles/470717
github.com/tutao/tutanota
restoreprivacy.com/vpn-logs-lies/
signal.org
compliance.conversations.im/
homebrewserver.club/picking-modern-xmpp-clients.html

Josiah Nelson
Josiah Nelson

Bump for visibility

Elijah Cooper
Elijah Cooper

TUTANOTA
Never heard of it before. A social media alternative?

Adam Rogers
Adam Rogers

Email provider that is supposedly focused on privacy, no google-esque rummaging through email text for "direct marketing" purposes.

Hunter Cruz
Hunter Cruz

TUTANOTA
????

Angel Martinez
Angel Martinez

tldr javascript is [email protected] redux 1,000,000,000,000,000,0000

Anthony Bell
Anthony Bell

Free email. Good as a throw-away.

Asher Perez
Asher Perez

I don't know what is going on but i bet Jews did it
Europeans have to jump through hoops to post here or fsce Jail time. Thats pretty gay

Sebastian Ross
Sebastian Ross

I dunno if this is real but bumping just in case. Fuck the NWO gestapo giganigga gangster commie police.

Lucas Ortiz
Lucas Ortiz

NOT ANYMORE IT AIN'T!!

Noah Moore
Noah Moore

Ugh. Bump for I wish it wasn't so…. back to g(ay)mail.

Attached: 1366-2000.jpg (163.7 KB, 1366x877)

Ryder Wright
Ryder Wright

bump.

what if OP actually glows and is just posting this to ruin faith in a single viable email tool?

Attached: 1506278670283.jpg (193.21 KB, 800x1198)

Ethan Parker
Ethan Parker

Bump for visibility

Oliver Richardson
Oliver Richardson

So if we don't make a recovery code we might be safe?

Andrew Cook
Andrew Cook

they refuse to let users opt out of creating a recovery code. Each time you log in to Tutanota you will see a pop-up requesting that you create a recovery code.

Tyler Myers
Tyler Myers

what if you have green ears and a 16" dick

Jayden Cruz
Jayden Cruz

Bump

Parker Edwards
Parker Edwards

Sucks, was a good burner email service but now ill just find something else. Add opt out or rathee opt in and id reconsider. Forcing a feature onto users is stupid. Just another example of normalfags shitting up an email service thinking that email is by any means a secure means of chatting.

Daniel Thompson
Daniel Thompson

I use Tutanota occasionally because it seemed pretty secure and simple. It's unfortunate to hear this, but also no way to confirm this.
They at least give you the option to postpone I guess?
But creating a new account probably forces you to have one.

Why the fuck would you use gmail

Attached: tuta.png (42.42 KB, 792x246)
Attached: tuta2.png (301.24 KB, 1556x1176)
Attached: Beta-Client-Now-Supports-Secure-Password-Reset.---2018-11-30.png (148.79 KB, 1162x1150)

Ayden Sullivan
Ayden Sullivan

They at least give you the option to postpone I guess?
Must have missed this when i read. Its still a viable burner if they allow you to postpone creation. The moment it becomes necessary during account creation is when ill drop it.

Mason Bailey
Mason Bailey

Antipodean Resistance used this service

Mason Hernandez
Mason Hernandez

Reminder that jews own literally all communication, proving that no one will ever fight back against them at any time.

Samuel Garcia
Samuel Garcia

asses and elbows

Benjamin Ortiz
Benjamin Ortiz

Why doesn't anyone fire up Tutanota, experiment and report? I'm too lazy to but at least I'm going to spare you my speculative theories.

Michael Perry
Michael Perry

Still better than (((gmail))) but yes I was annoyed by a stupid recovery code appearing.
What the fuck do I do with this? Was my only reaction.
Just seemed like even more of a liability for a breach.

Caleb Parker
Caleb Parker

Were you allowed to bypass recovery code creation?

Mason Miller
Mason Miller

How about ProtonMail?

Jason White
Jason White

I literally searched "protonmail pozzed" and it came up positive but I'm not tech enough to know if true. Tutanota seems seemed like the last unpozzed.

/tech/988984
Tutanota is the best non-pozzed email provider.
"Tutao has the right to show its customers security notices as well as information in regards to contracts with the customers, to product updates, to Tutao GmbH, to other products and to products of partners. Partners are exclusively companies that can be recommended by Tutao GmbH because they advocate human rights, data protection or privacy." Changes will come into effect on November 2, 2018, for all users. "

Ayden Ward
Ayden Ward

Weren’t they just hacked? Their symbol is the old jewish symbol for the atom with the star of remphan in it, too.

Nolan Lopez
Nolan Lopez

oy vey goyim you said the truth therefore you’re a paid shill
/suicide/index.html
Prove me wrong, in any capacity, or kill yourself.

Xavier Long
Xavier Long

Apparently that was a false alarm.
bleepingcomputer.com/news/security/hacker-say-they-compromised-protonmail-protonmail-says-its-bs/

Carter Lopez
Carter Lopez

Jews jewing non-jews as jews. What else is new

Chase Bell
Chase Bell

Didn't you read the OP? This is all just dressing up having to store your emails for the gov's perusal. Likely they share your "recovery code" even if you don't know it. Its a dumb feature even if you take it at face value and a red fucking flag because if you can't remember your password then why the fuck can you be trusted to remember and even more forgettable random jumble of numbers? Why do you need a backdoor when you can go in the front just fine?

Michael Morgan
Michael Morgan

what if OP actually glows and is just posting this to ruin faith in a single viable email tool?
My thoughts too, always a possibility. Why would he need to post once on a burner device and never revisit the bread? Seems fishy.

Asher Miller
Asher Miller

Until it becomes a forced feature theyre still a viable burner. Im not saying it isnt shit but its not required yet

Ethan Sanders
Ethan Sanders

why would someone practice good opsec?
I can smell you, jew.

Jason Cooper
Jason Cooper

I think you can choose to not do it and it only nags you on mobile, but I made the mistake of setting it up.

Sebastian Parker
Sebastian Parker

doesnt necessarily have to be forced.. Those who dont voluntarily do it could have a default recovery code added without their knowledge..

Parker Barnes
Parker Barnes

Tutanota is compromised
a website hosted in Germany, of all places
compromised
No shit. Whoever uses a server hosted in a EU country for their communications might as well broadcast them for all to see. Doubly so for France, Germany and Great Shitstain. Use Protonmail or host your own server; there is no alternative.

Attached: 1358185034332.png (30.89 KB, 448x357)

Jack Clark
Jack Clark

Tutanota became property of NSA at least by August 13, 2016–the date when The Shadowbroker leaked all of NSA EQGRP's goodies on Github.

the account creator of that Github account used a Tutanota email account. of course NSA hacked Tutanota and have been copying 100% of Tutanota traffic as well as stealing their private crypto keys and bulk decrypting everything.

NSA will never again let another Shadowbroker using Tutanota catch them with their pants down. so there's that reason to considered Tutanota as burned.

bizarrely, a year later, in the Shadowbroker's auction of unreleased NSA virus goodies, he recommended buyers use Tutanota to send him emails about purchase confirmations. (of course The Shadowbroker has a tremendous sense of humor and knows perfectly well that Tutanota and all email is being wiretapped by NSA, and that there is only one way to defeat the NSA's net cast around the entire Internet and to be anonymous.

me amigo, i would bet your bottom dollar that Tutanota has been compromised by (((glow niggers))) since day one, because that's just how they roll–hack every service provider of pseudo anonymous comms years ahead of time while they are small and obscure is just NSA's default posture.

ironically, the best way to DEFEAT LIST what NSA is doing is by not trying to hide by using 1337 крипто at all. i'm going to share a lil' secret with you about how to truly be invisible from (((NSACIAFBI))). it is stupidly easy and obvious and 100% fool proof and you'll kick yourself for not thinking of it and for creating crushing extra work for yourself and hoops to jump through.

YOU DON'T NEED TO HIDE AT ALL. YOU JUST NEED TO BE SOMEBODY ELSE. steal someone else's WiFi. hack or burgle into their SOHO network and "borrow" their Internet connection. do the ol' trick of dropping infected USB sticks in busy places, waiting for passersby to find them, take them home, and plug them into their own computers and thereby infect themselves with your botnet that gives you access to proxy through their networks. or if you're bad ass you can do what the Shadowbroker himself did to remain untouchable for at least 8 years and to hit the hardest targets and pull of the top 10 greatest hacks of all time. hack into wifi routers, security cameras and printers and use them to build yourself a botnet of relays to proxy your comms. NSA won't even fucking see you much less be able to find you.

Attached: shadowbrokers-tutanota.png (84.71 KB, 899x885)
Attached: DZ-literal-ghosts-in-the-machine.png (177.09 KB, 671x292)
Attached: DZ-chance-to-come-clean.png (79.43 KB, 670x366)
Attached: DZ-logged-in-as-sbroker.png (57.41 KB, 669x358)
Attached: DZ-sbroker-used-tutanota.png (116.7 KB, 760x721)

Jaxon Diaz
Jaxon Diaz

Also, you see this little message at the bottom of the page? Every day, whenever you come here, check for it before you post anything. The moment it disappears, it's time to pack up and leave, without looking back for a second.

Attached: warning---Copy.PNG (2.69 KB, 600x26)

Cameron Phillips
Cameron Phillips

host your own server

this. It's really not that complicated to set up; there are plenty of tutorials and most OS distributions come with everything necessary. The hardest part is getting the spam protection configured, but again there are tutorials. And once you do you can make all the addresses you need for your friends, your sockpuppets, add new domain names, etc.

But, if you need real OpSec, forget email. Use bitmessage.

bitmessage.org/wiki/Main_Page

Juan Brown
Juan Brown

everything is pozzed.
why can't i have just a little bit of privacy?
i close the bathroom door when i go to the loo!

William Edwards
William Edwards

Protonmai is pozzed too. Might as well use an @yahoo.com or @hotmail.com account

David Watson
David Watson

It's really not that complicated to set up;
It actually is these days, especially if you want to make sure your IP is not black listed. There are a very large amount of variables in play, making it extremely easy for even competent users to screw up. I still recommend everyone try it out, but unless you're willing to invest time learning which goes far beyond the basic setup guides, you are likely to spend a lot of time creating a solution with less security than the commercial providers.

Caleb Flores
Caleb Flores

I'm glad he's still going I'm Spartacus

Luke Edwards
Luke Edwards

bitmessage
Don't your encrypted bitmessages persist forever in the blockchain like transactions in bitcoin?

James Ross
James Ross

Those who dont voluntarily do it could have a default recovery code added without their knowledge.
That's likely not possible. Assuming the service was unpozzed from the beginning (a fair enough assumption, given that they're now insisting on creating recovery codes for government access), they require your decryption key in order to create the recovery code (essentially another decryption key). If you don't create a recovery code, your mail remains inaccessible.

Gavin Baker
Gavin Baker

"safe email" is a fucking meme. use gpg in a local client or unplug.

William Foster
William Foster

This.

Xavier Walker
Xavier Walker

That's still no good though, satan, because if you're using encrypted messaging with another Tutanota user and they're pozzed, you are by contagion pozzed in that line of messaging. AND YOU CAN'T TELL WHO'S POZZED ANYMORE among tuta users. That's like the AIDS epidemic all over again!!!!

Landon Myers
Landon Myers

the woes of centralized messaging

Elijah Harris
Elijah Harris

Please use encryption ALL the time. Even if you use an encrypted service like protonmail, encrypt your mail on your own computer or phone first.

Jaxon Bennett
Jaxon Bennett

Why doesn't someone just create an open-source browser extension that acts as a wrapper around pozzed services and encrypts the text and attachments before they're even sent to the server?

Attached: 0470ea901eb5cd879ef08f47f32953fe011047078db2177ac0fc896d973ffebf.png (2.01 MB, 1233x1479)

Jordan Harris
Jordan Harris

Well, shit. Is ProtonMail safe?

Adrian Cruz
Adrian Cruz

if you're using encrypted messaging with another Tutanota user and they're pozzed, you are by contagion pozzed in that line of messaging.
This is true. I was addressing only the "recovery added for you by default" issue, which in reality is unlikely to be possible. Make no mistake, though, the service is now thoroughly pozzed.

Nathaniel Reyes
Nathaniel Reyes

And always create the biggest fukken key pair possible

Ayden Martin
Ayden Martin

Protonmail recently added encryption options if you're sending to other servers, but don't use it, always write your email on your computer or phone first, and encrypt it locally before sending it.

Carter Howard
Carter Howard

All the big "super duper private" email and vpn firms are comped. All of them. We heard some shit about Nord VPN a couple months ago too. It's interesting news but should be filed in the "you should have expected this, you were warned, why didn't you listen" circular.

Matthew Rivera
Matthew Rivera

not using gpg through webmail accessed over tor
pleb

Brayden Howard
Brayden Howard

Isn't Tutanota run by the same sort of people as RiseUp (as in antifa/commie fags)?

Cameron Williams
Cameron Williams

Why is there no DHT based chat app?

Aaron Powell
Aaron Powell

No, but there are no real "safe" emails.
I use Tuta as a main email, but I literally dont use it for anything. Might switch over to Protonmail but I dont even use emails in general anymore. Who the fuck needs emails unless for business practices?

Eli Clark
Eli Clark

I work in government
Yep seeing lots of posts of these kind here lately.
Dunno if cia niggers or little upstart tech kikelets jewing each other.

William Gutierrez
William Gutierrez

It doesn't matter if OP works in government or not. What he is saying is correct: now that Tuta is demanding that all users create a recovery code, which THEY store serverside, any user that has created a recovery code is now pozzed. That is an undeniable fact.

Evan Bennett
Evan Bennett

please don't tell me you're recommending a browser plugin.

Nicholas Young
Nicholas Young

Nope. You take the email contents and copy paste them into your terminal GPG program, and vice versa.

No client software needed. Just good old fashioned mouse movements and middle clicking.

Alexander Moore
Alexander Moore

Also their explanation sounds somewhat dubious for a very convoluted password reset system that is unsafe by design and never been used by any serious website.

John Sanchez
John Sanchez

using tor which has been compromised for years

Justin Hill
Justin Hill

good job user

Carter Kelly
Carter Kelly

explain or fuck off

Liam Hill
Liam Hill

but all computers are pozzed
learn nu-navajo
communicate in dreams..

Mason Gomez
Mason Gomez

I have hopes for powerpc, even if it's foolish to do so

Gabriel White
Gabriel White

using a computer at all
speaking https://en.wikipedia.org/wiki/Cone_of_Silence_(Get_Smart)

Jace Lee
Jace Lee

This, right? I'm using Tutanota just because I don't have to link a cell phone number to it like with Gmail. I don't really need encryption tbh, I only do normie shit via email.

Colton Morales
Colton Morales

then just use cock.li, it's a much faster compromised email server

Eli Thompson
Eli Thompson

cock.li
yeah but like I said, I use email for normie shit.
I don't want to tell my boss or my mom to email me at my cockmail

William Robinson
William Robinson

use Yandex. because at least that way your emailed lolis won't be read by some snooping pervert local Field Office FBI faggot, who is corrupt as sin and on the Clinton Crime Cartel payroll, and who is looking for dirt to threaten you to become their informer or else, and it won't be some blue haired tranny Langley xer reading your emailed dikpix to blackmail you to become their asset or else drone strike for you–no, those cocksucking DC Swamp traitors to the Constitution don't have raw access to Yandex mail.

at the very least, you'll force the top floor of the Ft Meade glow niggers to break a sweat reading your emails by hacking Yandex, and so they'll have to tip toe very carefully on the rice paper and only make use of the SIGING in your emails if it is of exceptional Intelligence value or else risk burning their whole Yandex hack op or worse–risk enraging MUH RUSSIA with an overt act of cyberwar and triggering proportionate retaliations, such as Russia dumping the OPM database on Github.

as an ancillary bonus, you'll be helping Russia fight back against the NWO OWG by giving them your patterns of life. i have exactly zero fears of Russians using my private data against me in any way. ironically, i would welcome the Russian govt to spy on my entire life, because i have nothing to hide from them and i am ultimately on the same side as they are and so i trust them. sadly, i cannot say the same thing about my own govt, who have time and again let all Americans down and betrayed us and stabbed us in the back by abusing our private data to run coups against our own President and to start illegal wars and to create the terrorists and to turn the 3rd world shitholes into even worse shitholes and to help (((WallSt))) fleece us and rob us blind. as you can see, it's pretty clear which side of the equation group i'm on.

use Yandex. you'll thank me later. you'll find out.

Attached: use-yandex.png (229.7 KB, 1856x974)

Isaiah Gonzalez
Isaiah Gonzalez

Thankyou for he post OP
Bumping, everyday peacful resolution moves further away, but the muscles grow larger, and more bullets get moved into the magazine.

Dylan Edwards
Dylan Edwards

yaas, use cock.li goy. nevermind the dude who runs it in Romania has been tweeting repeatedly going back years that when the FBI asks him for data on his users, he VOLUNTARILY hands it over, and doesn't even make FBI go through the legal process.

never trust a faggot offering a "free" service who is so broke ass ghetto that he cannot even afford to pay an attorney to talk to the FBI for him and instead just gives the FBI whatever they want.

and see that last pic? it shows the FBI asking him to keep it secret that they are asking him for user data and that he is giving it to them.

if you actually believe "Canary Warrants" on websites fucking work at all, and that a similar informal arrangement hasn't been made between FBI and Zig Forums going back years, then i've got a fucking igloo bridge to sell to you gullible dupe Eskimos.

Attached: cockli-is-fbi-5.png (226.52 KB, 608x898)
Attached: cockli-is-fbi-4.png (586.88 KB, 609x922)
Attached: cockli-is-fbi-3.png (261.1 KB, 580x786)
Attached: cockli-fbi-2.png (35.76 KB, 604x341)
Attached: cockli-is-fbi-1.png (32.65 KB, 617x297)

Anthony Morris
Anthony Morris

I only do normie shit via email.
If that's your use case, then Tuta is still a valid option. With the introduction of the recovery code Tuta is now reduced to the level of privacy of every other email provider: i.e. if the feds want the contents of your email, they have it. That doesn't mean you can't still use it for normalfag communications. Where that can break down, however, is in the perceived security of the platform by less knowledgeable users than yourself: e.g., some normalfaggot that thinks he has security on the platform decides to email you something compromising, believing that it is safe because it's through Tuta. If that's a risk you're willing to live with, then there's no harm in continuing to use the platform. Personally, I'd look into migrating elsewhere.

David James
David James

as opposed to some sketchy German one no one remembers how to spell? they have "airmail.cc" fam

Mason Anderson
Mason Anderson

one more thing. notice how the FBI tells him not to disclose to all of his users that he has handed over data on one of them, and then FBI softly twists his arm by saying if he cooperates then he won't have to personally appear before the grand jury in Florida.

wanna bet FBI faggots profiled his life, looked at his bank accounts, his net worth, his financial situation in life, and determined it would be prohibitively expensive for him to take time away and fly to Florida and pay an American attorney to represent him before the grand jury? and a grand jury can make your ass sit in the chair and testify for an unlimited time. FBI certainly abuse the grand jury process to intimidate and scare "witnesses" into voluntarily cooperating and not challenging the grandy jury summons nor the FBI at all in Court.

that's some fucking dirty tricks bullshit being pulled by FBI. just look at fucking traitor Robert " Saddam Hussein may supply terrorists with biological, chemical or radiological material" Mueller for Exhibit A for how Grand Juries have become a farce, a circus and cynical Iron Maiden for the New Inquisition to torture you as witches unless you confess to your MUH RUSSIA collusion.

Ayden Watson
Ayden Watson

so basically SVD > CIAniggers?
You forget even vodkaniggers with badges will sell anything they can get their hands on, they're all out for themselves.

Blake Cox
Blake Cox

what part of "compromised" confused you? Also you're a retard if you think every email service doesn't do this.

Liam Scott
Liam Scott

know why you can trust SVD > Langleyglownigs?

here's why.

Langley faggots can import thousands of tons of cocaine into the US, they can create, fund and arm ISIS, they can hack Mercedes of reporters to assassinate American citizens on US soil, they can drone strike Americans on foreign soil, and they can recruit every low life mafioso scumbag and give them a Get Out of Jail Free card and the Invisibility Cloak of Top Secret, and the CIA trannies never once face any consequences for their domestic crimes and for their foreign blunders. shit man, if you're CIA, the worse you are at your job, the higher your career path aims and the faster you get promoted. CIA is the living embodiment of the Peter Principle.

however, if an SVD agent double crossed Putin and betrayed Russia and abuse their intelligence for personal profit or helped foreigners in any way, you know what would happen to that guy? passersby would find his body hanging by his balls from a 5th floor balcony.

from that perspective, being ruled over by a brutal individual who wields an absolute monopoly on violence works to your benefit. you can actually trust the system because the system has zero tolerance for defection.

Grayson Baker
Grayson Baker

I'm moving toward Tox. I hope to get the few normies I communicate with using it.

So long as you're not promoting faggotry. If you do, they'll burn you so fast.

Mason Ward
Mason Ward

Tox
Last I read it was still vulnerable to KCI
github.com/TokTok/c-toxcore/issues/426

I like your point

Connor Evans
Connor Evans

lavabit.com or neomailbox.com are far superior. Not free, but worth the money

Angel Lee
Angel Lee

lavabit
weren't they shut down?

Kayden Brooks
Kayden Brooks

good info man, thanks

Kayden Gomez
Kayden Gomez

Ladar shut down his company rather than comply with a national security letter compelling him to modify his source code and turn over his private TLS keys. Ladar relaunched the service Friday, January 20 2018.

Jose Martin
Jose Martin

not using pgp
cockli is also finding a way to automatically encrypt the message itself, at least that's what canfield said.

Justin Reyes
Justin Reyes

Their servers were raided by the german federal police and were given digital disk drive copies to the FBI. There was nothing vince could do.

Dominic Allen
Dominic Allen

I work within the German government, and I know for a fact that Tutanota was served an order by the intelligence services to create a database that can be used to decrypt any user's email address upon request. Tutanota is currently under a gag order and cannot speak about this request publicly. This is basically Hushmail/Lavabit 2.0. The recovery code is essentially a government recovery code / backdoor used to read your email if requested by the government.

Warrant canary solves that.

Justin Jones
Justin Jones

That doesn't say you have to, just that it asks. So I'm hesitant to consider it as a must.

uhhh
pic related, you can postpone it

Attached: asdf.PNG (13.2 KB, 491x190)

Zachary Scott
Zachary Scott

Eat shit moshe.

John Bell
John Bell

If I had your location I would kill each one of you fucking jews.

Xavier Reyes
Xavier Reyes

Attached: cohencidence..PNG (3.04 KB, 485x64)

Hudson Flores
Hudson Flores

I'm not sure how to feel. The free 5 months feels like a grab vid related for more users.

Charles Bell
Charles Bell

this is a request
Don't fulfill it. If it's a court order they should state so.

Lucas Fisher
Lucas Fisher

cannot even afford to pay an attorney to talk to the FBI for him
Why would he need an attorney to say "no."?

Kayden Price
Kayden Price

What would you recommend instead of Tox? The KCl attack has never (yet) been observed in an operational attack, by the way (the best demo requires social engineering) I know, granny will fall for it

I'm looking into Diaspora, but it looks retarded and only for faggots but I'll try it out anyway. It doesn't seem a valid replacement, though. True P2P would be preferable :-(

Ian Kelly
Ian Kelly

Correction, I will NEVER use (((Diaspora))). oh my fuck, can you believe this bullshit?!

Attached: ClipboardImage.png (213.79 KB, 1202x667)

Bentley Barnes
Bentley Barnes

Don't your encrypted bitmessages persist forever in the blockchain like transactions in bitcoin?

No, there is no blockchain. The reference to bitcoin regards just the security and encryption. The system deletes each message after 2 days.

Justin White
Justin White

Thank you OP, but we are going to need more evidence than that. Anybody can go on the internet and tell lies.

Wyatt James
Wyatt James

Well, you have to trust the website, EVERY TIME YOU LOAD THE PAGE. So it's a shit security model, you have to admit.

Austin Green
Austin Green

This is contrasted with, for example, PGP. You only have to trust 1 website once, in your life, and you don't even have to have total trust, because you can get keys directly from people and see that the software is trusted by others.

Juan Moore
Juan Moore

Tor was created by the US military, do you really trust it??? Why would they not just set it up as a way to collect all the compromising data they can by telling everyone its super secret program to use???

Austin Diaz
Austin Diaz

I felt I must warn people, especially journalists who rely on the security of Tutanota and may reside in countries with oppressive regimes or human rights abuses.
Life was easier in the DDR confirmed.

Posting in legendary bread. Here's a couple of old memes you should be familiar with by now.

Attached: allisbotnet-orlycover.png (120.11 KB, 500x700)
Attached: allisbotnetmeme.jpg (12.08 MB, 2713x5433)

Brayden Ross
Brayden Ross

Whats the best way to learn GPG encryption in terminal.

I don't think a grand jury in Florida has the power to subpoena him, they would have to get interpol involved.

James Myers
James Myers

It was created by the Navy, because they didn't trust the (((NSA))). After the USS Liberty, they lost all faith in (((allies))).

Luis Bailey
Luis Bailey

I only do normie shit via email.
If that's your use case, then Tuta is still a valid option.
<The old if you're doing nothing wrong you've got nothing to hide argument.
Tor encourages people who only do normie shit to use Tor because it provides cover for journalists etc (but also bad guys). Why should normie shit be allowed to be spied on?

Ian Sullivan
Ian Sullivan

They also leaked emails by someone's family in Trump iirc

Levi Gomez
Levi Gomez

"Mom, if you want to talk with me, you gotta use GPG."

Anthony White
Anthony White

:^) "T.O.R."

Attached: ClipboardImage.png (2.47 MB, 1280x976)

Jeremiah Jones
Jeremiah Jones

Wait until they make it illegal to remove that notice in many countries.

Blake Collins
Blake Collins

/tech/ missed a green laptop in the image.

Evan Lopez
Evan Lopez

Have you ever been told that any form of encryption only attracts more attention, and not to use electronic means to share sensitive information?

Attached: anonymous.gif (2.06 MB, 330x204)

Tyler Roberts
Tyler Roberts

Encryption is if you can only share something electronically. Unfortunately it's unsecure as fuck since like you basically said it paints a big target on itself. The best way to communicate something privately is to do it without technology, off camera, off microphone, with no one seeing or hearing and no records of it ever happening.

Andrew Watson
Andrew Watson

The OP is a lie. You are not required to create a recovery code in order to use the service.

Aaron Allen
Aaron Allen

Being Germany-hosted, anyone should already have had suspicions about Tutanota.
I'd suggest Proton Mail (Swiss servers) instead.

Jack Ramirez
Jack Ramirez

Setup your own email server you faggots.

Levi Hall
Levi Hall

It is a disguised Thinkpad with Gentoo installed obviously

Christopher Sanchez
Christopher Sanchez

Have you ever been told that any form of encryption only attracts more attention, and not to use electronic means to share sensitive information?
So what? People behave differently when watched, or even when they think they're being watched.
That does not make a healthy society.
Everything should be encrypted.
No one should be watched all the time.
Blanket surveillance is wrong.

Benjamin James
Benjamin James

I just created one and they give a code. OP is not lying. They just give you one now when you sign up.

Brody Gomez
Brody Gomez

Thanks for verifying this part.
Finally someone did this 125 posts in.

Isaac White
Isaac White

This is basically Hushmail/Lavabit 2.0

Security by obscurity: the moment a service becomes a bit popular it gets compromised

The solution is to move around and stay in small unknown places, avoid the kind that pop out of nowhere with tons of artificial hype: those are honeypots set up with slush funds

Zachary Hughes
Zachary Hughes

12491019
<56
kekked

Austin Perez
Austin Perez

Bump for important info.

Protonmail or set up your own email server, stop being retarded.

Attached: cea.jpg (36.81 KB, 408x615)

Nolan Smith
Nolan Smith

email is shit as a whole. encrypt all messages that our important with your own key . If you need to talk some shady shit .. use ricochet. im

Kevin Morgan
Kevin Morgan

I think ProtonMail is still the best alternative BUT you must encrypt the messages on your computer locally and then copy-paste it in the webmail

Easton Bailey
Easton Bailey

what about Cryptocat? is it safe anymore? It used to be the best and most secure messaging app back in the day.

Lucas Watson
Lucas Watson

Whats the best way to learn GPG encryption in terminal.
Install it and type man gpg, it's that easy. There are hand holding tutorials out there but the man page has numerous examples.

Jaxon Ortiz
Jaxon Ortiz

I don't even do anything shady or illegal, but I don't want a large and always growing bunch of corporate spies tracking everything I do. Realistically, it'd be difficult to stymie the NSA, if they really want your data they'll go to any lengths to get it as their catalog shows. I'm more concerned with Google and Amazon and who knows who else for the time being.

Justin Powell
Justin Powell

Are you me?

Chase Richardson
Chase Richardson

Quantum attack?

Jayden Richardson
Jayden Richardson

It was created by the Navy, because they didn't trust the (((NSA))).

US Navy: 1775
NSA: 1947

Trust the older one.

Nicholas Ramirez
Nicholas Ramirez

I'm using Tutanota just because I don't have to link a cell phone number to it like with Gmail
You can make Gmail accounts with Bluestacks.
But yeah fuck jewgle.

Wyatt Clark
Wyatt Clark

Seems like OP is a liar spreading FUD to undermine Tutanota. You don't have to use a recovery code if you don't want, so I guess then the secret sqwerl German intelligence services are foiled if you don't use one, or even don't tell them what the recovery code is?

Here's the password reset doc tutanota.uservoice.com/knowledgebase/articles/470717

and the source is here github.com/tutao/tutanota

so you can look for backdoors if you want

Camden Barnes
Camden Barnes

says something is compromised
no proof whatsoever
says he won't reply
obviously someone who wants TUTANOTA to fail. I wonder why?

Austin Miller
Austin Miller

(((Protonmail)))

Jordan Bell
Jordan Bell

Quantum attack
Yes.
You can access any information ever created in such a system if advanced sufficiently enough.

Jeremiah Gray
Jeremiah Gray

Make your own codes. It's not that hard for you and your contact to send each other public keys.

Brandon Parker
Brandon Parker

Reminder that you're a faggot, we're winning the war, we just aren't telling you about our plans.

Josiah Ross
Josiah Ross

Because they need everyone to be on the same service to create enough cover traffic so that they can't be traced when they hack other countries, dumbass. It's open source. If there's a backdoor, anyone could find it and exploit it.

Isaac Green
Isaac Green

Protonmail

Protonmail is not safe!
Apologies for redtexting.
I've been spending the past three days de-googling my life and setting up semi-private alternatives, and that means a deep dive into current email alternatives. Obviously nothing is 100% secure. But the ideal is "plausible deniability" so when the Feds come knocking the email provider will hand over worthless encrypted data and no keys.
<But they're in Switzerland!
Just because it's an exotic sounding location to burgers doesn't mean jack shit. A "no logs" VPN provider in Hong Kong was forced to keep logs and served a gag order to keep quiet about it. Fucking Hong Kong!
restoreprivacy.com/vpn-logs-lies/
Switzerland also has an official agreement with the US as to court orders, but I'm foneposting and I can't remember the name.
But suffice it to say, if it's anywhere in the world the whole Five Eyes/Fourteen Eyes/Nine Eyes system and USA hegemony can just request that data, extra paperwork is no problem for them.

So what does Protonmail actually store? How much do they have on you to give to the Feds? Well, first of all they use JavaScript. For newbies, JavaScript is the worst most abominable language imaginable. It has more holes than Swiss cheese, and you can't use it through TOR without turning everything off. Why is this an issue? Because Protonmail generates 2 keys - your password and a second decryption key - when you make an account. This is supposed to provide compartmentalization, but the key generation is done in your own browser with JavaScript! It's trivial to inject malicious code into that process.

They also use a program called Matomo for their main site. What is Matomo?
We employ a local installation of Matomo, an open source analytics tool. Analytics are anonymized whenever possible and stored locally (and not on the cloud).
Fuckin' lovely. But that's the website, what about email data itself? From Protonmail:
we have access to the following email metadata: sender and recipient email addresses, the IP address incoming messages originated from, message subject, and message sent and received times. […] We also have access to the following records of account activity: number of messages sent, amount of storage space used, total number of messages, last login time.
That's actually more metadata than Tutanoa! Let's read some more:
When a ProtonMail account is closed, data is immediately deleted from production servers. Active accounts will have data retained indefinitely. Deleted emails are also permanently deleted from production servers. Deleted data may be retained in our backups for up to 14 days.
Indefinite retention if they flip a switch and keep your account "active" and 14 days of them holding on to your data even after you burn everything.

See pic related to know if your email will be safe.

There have also been Anons claiming that they route some of their servers through Tel Aviv. I'm not /tech/ enough to verify myself, but it bears thinking about (especially with regards to JavaScript injection). Also, if you sign up over TOR they require "verification" of your account by either donating (PayPal or credit card only, no crypto) emailing or sending a text message (and no, they block ALL the free SMS online numbers, I've tried it myself). Sometimes only the SMS option shows up.

So what's an alternative? I'm looking into Disroot, they run the Searx.me search engine I've been using, they have a very "hands off, don't tell us what you're doing with your email we don't want to know" attitude. It bears further research at least.

Attached: ProtonmailSJW.jpg (1.72 MB, 1913x3151)

Noah Flores
Noah Flores

Setup your own email server.

Sebastian Brooks
Sebastian Brooks

t.Hillary Clinton

Lucas Cruz
Lucas Cruz

Fucking Hong Kong!
Hong Kong what? Its not 1988 user. Hong Kong is China.

Lucas Taylor
Lucas Taylor

Further expanding upon this, I find it very telling that Protonmail has been shilled hard on leddit and all over the normiespace. They have a super slick and professional front end to impress normalfags, and the service was even shilled on (((Mr. Robot))). You know, that faggy hacker show that commie script kiddies drool over?
It's been pushed at all levels of everything, it's no wonder most Anons vaguely remember the name. Protonmail is probably fine for normalfag stuff since they're at least not crawling every word of your emails with analytics like google (hopefully, the only thing we have is trust that they wouldn't do such a thing) but for getting in touch with local Anons and swapping contact and meeting time details it's unsafe. It just takes one (((user))) you meet to go shoot up a Synagogue to suddenly implicate everybody he might have talked to, and then the Feds will be pulling his email and the emails of everybody he ever talked to. When that happens you want to have no ties between you and that email, and you want that email to be rendered worthless to anybody without the decryption key.

Alright, I've wasted my lunch break for you faggots. Please fucking read what I've written. I know this place is being overrun with cuckchanners and dying a pitiful death, but spread it to all your friends. And look into Disroot. I'm 80% sure they're the real deal, but I'm not there yet.

Jace Martinez
Jace Martinez

Thanks, man.

Gavin Miller
Gavin Miller

Oy vey what do you mean it's perfectly safe

Attached: Screen-Shot-2018-11-30-at-1.53.09-PM.png (21.8 KB, 415x345)

Charles Peterson
Charles Peterson

Thanks for the elaboration, It wasn't my intent to shill it. I thought it was a respectable service.

Attached: asdasdasddfawfa.png (791.04 KB, 891x501)

Juan Price
Juan Price

Proton got compromised years ago faggot, and setting up your own still leaves you exposed, perhaps even more so since the server is either at your home or on a server you pay for.

Cooper Rivera
Cooper Rivera

It's trivial to inject malicious code into that process.
Then why haven't you, Ari? Where's that protonmail leak you shitposted so hard about and weren't even able to verify? Get those 40 bitcoins yet?

Ethan Turner
Ethan Turner

Stupid question: When you send a GPG encrypted message to someone can a 3rd party see who the message is to or from (or both)?

Thomas Rogers
Thomas Rogers

So it looks like they posted a response on some reddit. They’re denying it completely. The guys thinking it may have been to sow distrust may be right or they may be lying. The chances of some OP being a faggot seems higher than not though, still the fact that you can only postpone and not opt out is a bit suspect.

Attached: 0F95CDCF-5EE9-433D-938A-7A581BD89116.jpeg (491.34 KB, 1242x927)

Easton Gomez
Easton Gomez

Probably someone who drew inspiration from the fake protonmail leak a few weeks back. Only nowhere near as competent.

Jacob Baker
Jacob Baker

Send a…message
Over what medium? Whatever you use to send a message may be linked back to you if you use poor opsec or the service records other identifying information about you.

Other than this, your public key is essentially identifying of you only as much as you use it and how you share it. After the initial exchange, however, there is no way to detect who is who from the perspective of simply the contents of the message, assuming it's a 1 on 1 conversation where you encrypt with your private key and their public key.

Benjamin Wood
Benjamin Wood

No, there is no blockchain. The reference to bitcoin regards just the security and encryption. The system deletes each message after 2 days.
Bumping bitmessage for opinions and reactions.

Hudson Gray
Hudson Gray

I don't really care about government sniffing because I'm pretty confident every email service is compromised. The Javascript, Tel Aviv, and virtue signaling is what has me concerned since instead of just being hands off they'll deliberately go through your emails just to see if you commit thought crimes.

Evan Brown
Evan Brown

user from here again after work.

Thanks for the elaboration, It wasn't my intent to shill it. I thought it was a respectable service.
As did I. It's what I heard from (((everywhere))) on the internet. 3 hours of struggling with setting up an account later without compromising myself, and I started to wonder if there was a better way. Then I looked into it and found protonmail was only marginally better than gmail.

Hong Kong what?
It means that even the most disconnected and apathetic nation that the western world has no hold over through the usual channels will still cooperate wholeheartedly with the ZOG. You retarded mong. Lurk 2 years.

setting up your own leaves you exposed, perhaps even more so since the server is either at your home or on a server you pay for.
Precisely. Even if you wipe your data drives they can recover everything back. If you encrypt your drives and claim you forgot the key, they can still throw you in prison (happened to a few criminals with encrypted iPhones a few years back). But if you make an account with plausible deniability through an anonymous TOR connection during high traffic hours and never connect to it without TOR then the Feds will come knocking and your service can only say "Well here's everything we have. We don't know where they connected from because our regular metadata logs and backups auto-cleared after 24hours. We don't know what's in the emails or who they were talking to, and we don't have the keys to decrypt anything. That's all we have, have fun!"

Thanks, man.
You're welcome user. If it helps somebody, it was worth going hungry while trudging through the pouring sleet at work today.

Jayden Foster
Jayden Foster

Hong Kong
apathetic
The People's Republic of China spies on everything, even what foreigners are up to, for their own benefit. Do not ever trust China you fool.

John Wright
John Wright

Do not ever trust China you fool.
Obviously. But many Anons in the past have advocated moving to Chinese messaging apps and services with the reasoning that as long as you didn't say anything against the People's Glorious Republic then you could say anything you want, and their complete economic, cultural and racial isolation put them outside the clutches of ZOG. Clearly this is not the case, and Anons should take note.

Jace Lewis
Jace Lewis

But many Anons in the past have advocated moving to Chinese messaging apps and services
Those guys are retarded and know absolutely nothing about /tech/ or China. 95% of attacks to your PC are from China and both Australia and New Zealand are in bed with the Chinese so any info they share with the US they share with them. Do. Not. Trust. Chinese.

Nolan Bailey
Nolan Bailey

They don't explain what it's for. If you already have a password, why do you need an EXTRA password? How is an EXTRA password of any use? This makes no damn sense. Again, here's what Tutanota is saying:
" like your password, the revovery code can only be accessed by yourself."
Well then, how does that do any good?!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
Truly, explain how the user is supposed to use the "recovery code" any differently from a password, if they're interchangeable! Can anyone explain?!!!

Regarding 2FA, obviously a stupid idea!!!!
IT'S A FUCKING BAD IDEA TO HAVE A VERIFIABLE ACCOUNT TIED TO YOUR BANK ACCOUNT LINKED TO YOUR FUCKING "PRIVATE" EMAIL

tuta? poop-uh.

Let's say it's sent over floppy disk, delivered by hand by a centipede with 1,000 legs & 1 arm.

Jason Peterson
Jason Peterson

After the initial exchange
That part is also confusing. I'm talking about a message, not a texting service or something. Can't you just download all the keys for the US that are hosted somewhere, or is that how they track you?

Cooper Jones
Cooper Jones

Do. Not. Trust. Chinese.
Agreed. But that's the only choice, when it comes to cellphones.

Tyler Price
Tyler Price

YOU DON'T NEED TO HIDE AT ALL. YOU JUST NEED TO BE SOMEBODY ELSE
< fingerprinting is future science
< stylometry doesn't exist

Lucas Sanchez
Lucas Sanchez

imagine being this retarded

Zachary Price
Zachary Price

CIA:

Logan Martin
Logan Martin

not mailing directly from the darkweb
i2p mail relays to clearnet, you can sign up for a free account and use it all you like without ever touching it from the clearnet

no encryption but you can use gpg from the terminal and copy paste into their web client

Julian Barnes
Julian Barnes

Who cares, setup your own server.

Carson Howard
Carson Howard

Ok, I'll bite:
They don't explain what it's for. If you already have a password, why do you need an EXTRA password?
2FA is not a second password. It is a temporary code that is generated by a software or hardware device. The recovery code is used if you lose access to your 2FA device for any reason. You only see it once and are expected to write it down or store it in an encrypted database like your password manager. You clearly have no grasp on computer security whatsoever and are shouting about things that you obviously have no clue about. What would be the motivation for such stupidity? Bonus pay from Google?

Hudson Gomez
Hudson Gomez

On what, expose your home IP or use a VPS from DO IaaS, of which most are Jew owned. What is your solution?

Austin Thompson
Austin Thompson

Meh. Knew this wouod happen eventually. Where should I use now?

Grayson Powell
Grayson Powell

never cracked a wifi
you don't belong here

Charles Perez
Charles Perez

Hey, I'll have you know my handle is Zero Cool, and I've hacked a Gibson through its wifi. But I still wouldn't use a hacked Gibson's AI to handle my daily planner, luser.

You got a long way to go until you hit elite status, kid, just hold on and enjoy the ride.

Jeremiah Collins
Jeremiah Collins

Búmp

Noah Bell
Noah Bell

The recovery code is for reseting 2fa

No 2fa + recovery code = less secure

No opt out = shady or retard proofing

Christian Adams
Christian Adams

Password is accessed and send all time, it is possible to compromise it via keylogger or something similar. Recovery code you supposed to store offline and never use until needed. But it can be used to restore account if your password was stolen.

Christopher Sullivan
Christopher Sullivan

fuck your Doom Porn, kike. you're exactly the type of useless eater who won't ever emerge from your Mommy's Basement clutching your tendies to take a single actionable move to strike back against ZOG.

"MUH NSA wiretapped every email provider"
"MUH NSA fingerprints every identifer on the Internet"
"MUH NSA runs all text through the world's biggest stylometry data farm"

you didn't even add several more things they do, because you're a lazy cuck and you have never even bothered to read a single page leaked by Snowden. NSA also has a program that runs every piece of ingested data through a system that scans for and detects all known methods of Steganopgraphy. next time you see some crypto larper spout off about some new open source Steganography package on Github, congrats faggot, NSA just added its fingerprint to their Stega scanner.

consider the following. now we know, NSA hoover's up every shred of data on the Internet and makes it available to FBI faggots and ATFDEAUSSS cucks with a pretty EZ Jewgly search GUI. then how come Intl crime still exists at all? how come rampant bank and financial fraud exists? how come literally trillions of dollars are zapped around the world from illegal offshore shell corporations in Bermuda, Bahamas, Panama, Cayman et al?
how come the Shadow Economy exists at all? how come ISIS can exist at all? since NSA is the All Seeing Eye, why do the several million Bad Hombres commit their crimes and conspiracies in plain sight of Ft Meade and yet get away Scott Free?

i'll tell you why. to say NSA is bad at their job wouldn't even scratch the surface of their systemic failure. NSA is so bad at their jobs and they have so blown their stewardship of the Secret Law blessing their super power of global mass surveillance, that they have demonstrated they don't deserve to wield GODMODE.

i used to care passionately that NSA was intercepting all of my shit and all of everybody's shit. after a few years of meditating on it and understanding more of the leaks within the context of jaring contradictions going on in the world, i no longer care so much. because now i know NSA is a blind cyclops. NSA is a glorified mix between the DMV and an ER in a warzone. NSA is so crushed by all of the crime and corruption and Evil going on in the world, that they couldn't pursue every Evil Doer even if they wanted to. their mass surveillance ER is full of thousands of mortally wounded victims. who do they go after first? only the worst of the worst cases. every dollar of resources wasted going after faggot shitpoasters like you takes away a dollar of resources to kill Abu Bakr Baghdadi or any of thousands of hard core terrorist leaders or Narco bosses or Syndicate mafioso. NSA simply doesn't have time to care about you or me or anyone on Zig Forums (until one of us starts building a nuclear reactor in our Mom's Basement.)

so fuck your Doom Porn. stop discouraging everyone else to become as useless and immobile and ineffectual as you are.

PS: kys

Luke Mitchell
Luke Mitchell

The fucking air you are breathing is compromised. This isnt news. The only news is the fact that even local police pigs have stingrays to spy on underage kids showering but people are still acting shocked when they discover the seven millionth piece of proof that we live in a prison and then go "no it can't be i consent to all this we need to work within the system this can't be true I am a smart!"

Christian Ortiz
Christian Ortiz

For IM consider Signal

signal.org

Chase Diaz
Chase Diaz

Signal is jew'd.
It's promoted by (((moxy marlinspike))) real name is Matthew Rosenfeld, has been rumored to work with israel intelligence agencies.
The app downloads all your contacts and forces you to email people you want to chat with.
Signal keeps track of your contacts.

Logan Thompson
Logan Thompson

This is what a CIA post looks like:

you have never even bothered to read a single page leaked by Snowden

First it starts reasonable, then bullshit like that. And then it finishes with the hallmark of CIA operations:

PS: kys

It has a double meaning. In one sense it means that he wants to implant thoughts of suicide in the target (Americans, specifically the white ones). But on the other hand it's actually the philosophy of the "golem" CIA, which is to erase the self and to serve the kike in the destruction of whites. It's advice s/he has taken to heart, I assure you.

Ryder Bailey
Ryder Bailey

Signal keeps track of your contacts.
Anything that does that is crap. Anything that has a server that is even CAPABLE of tracking you is crap.

Caleb Thomas
Caleb Thomas

Ive never heard of that but I respect that it was probably hard to go through all that effort so Ill give you this bump.

Chase Jackson
Chase Jackson

It's trivial to inject malicious code into that process.
Only if the site is allowing third party code cross-domain.

Like most people who freak out about Javascript you don't know what the fuck you're talking about.

Isaiah Gutierrez
Isaiah Gutierrez

Use XMPP for encrypted chat
Pick a server and register
compliance.conversations.im/
Install a client
homebrewserver.club/picking-modern-xmpp-clients.html

Elijah Clark
Elijah Clark

never rely on provided automatic encryption
never rely on a system for which you have no guarantee of authentication, no guarantee of message integrity, no guarantee of encryption
tldr any "off the record" type communication system that has automatic key management, automatic authentication, etc. is a huge redflag and subject to impersonation.
exchange public keys physically. if you have to trust someone with your secrets, you want to make sure you're sending your secrets to the right person. this sounds obvious but this very point is where people get owned the most frequently. bye

Michael Diaz
Michael Diaz

People don't like Javascript for a large variety of reasons, one of the biggest is that it can be used to fingerprint you. Cross-domain isn't the half of it.

Brody Green
Brody Green

Bumping

Brayden Collins
Brayden Collins

Citing the existence of ISIS as evidence for surveillance incompetence would raise a red flag for even the average Zig Forumslack snoozing through the post.
never rely on provided automatic encryption
A needed reminder.

Jeremiah Nelson
Jeremiah Nelson

Damn that was my last good email address.

Owen Reyes
Owen Reyes

tutanota
KEK
just using RiseUp,Autistici,disroot

Brandon Brown
Brandon Brown

So is cock.li still safe?

Hunter Ward
Hunter Ward

Autistici
Leftie retard service. No thanks.

Connor Powell
Connor Powell

bump due to hundred faggots psyop

Ian Diaz
Ian Diaz

Putting sensitive info on throwaway accounts

Attached: 1334329164853.jpg (18 KB, 366x380)

Isaiah Jones
Isaiah Jones

How hard would it be to set up a separate email service? It seems like the only option at this point.

Camden Thomas
Camden Thomas

IDIOTS IDIOTS IDIOTS
IDIOTS IDIOTS IDIOTS
IDIOTS IDIOTS IDIOTS

How many times do you morons have to be told that IF YOU DON'T HOLD THE KEY ON YOUR DEVICE AND ONLY ON YOUR DEVICE THE SERVICE IS COMPROMISED!!!

This is what PGP is for. GPG is an excellent implementation. FUCKING USE IT, NOT SOME HIPSTER CRAP THAT LEAKS UR FUCKING SECRETS

REEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEE

ssd.eff.org <- fucking go there and READ UP NIGGERS

Samuel Hill
Samuel Hill

This, but only ever keep the keys on an airgapped compuder, and also never transfer data across the airgap, only generating the signature via mental computation, and also also never apply electricity to the key server.
I've also heard that signal + tor was the go-to method for general communication, even being adopted by numerous militaries, does anyone have any input on this?

Carter Ortiz
Carter Ortiz

"Operating public websites and services by action or omission in such a way that may suggest a disclosure of the existence of this subpoena will be construed as such"
k

Samuel Lopez
Samuel Lopez

Warrant canaries are a meme. Even if they functioned perfectly as claimed, it only tells you that a governmentally induced data breach has occurred. If you were foolish enough to trust someone else with your personal information, you deserve what you get for failing at opsec, and a canary isn't going to do shit to save you. If you just intend to stick it to the man, man, in a completely ineffectual useful idiotesque manner, that by all means, you do you, man

Christian Wilson
Christian Wilson

That's actually multiple Constitutional violations right there, which is exactly how warrant canaries work and why they pretty much only work in USA.

First, you have the basic freedom of speech, which includes, importantly, protections against compelled speech. The government cannot force you to make public announcements.

Second, "omission" in your sample violates the 13th Amendment. Forbidding an "omission" is exactly equivalent to forced labor, forcing whatever labor is needed to avoid such an "omission" which is also a Constitutional violation.

Third, there are the issues of political speech, and the very existence of a warrant canary or transparency report can be construed as a political statement. Political speech, legally speaking, has almost absolute protection here in 'Murica, because it is the very thing the First Amendment was intended to protect, after winning independence from British overlords that liked to prosecute dissent as treason.

Lastly, is Tutanota US-based? If not, guess what? None of what I just said applies to them. Warrant canaries only work in jurisdictions with strong human rights protections, and I suspect that the USA may be only country that actually has those.