Items tagged with: E-Mail
Diesmal weil deren E-Mail-Dienst, unter anderem Outlook.com, E-Mails ohne Fehlermeldungen annimmt, deren Filtertechnologie (#SmartScreen) allerdings unvorhersehbar E-Mails im Nirwana verschwinden lässt. Das scheint gerne Leute zu treffen, die eher kleiner Mailsysteme betreiben und eben nicht über GMail, GMX, Telekom und Konsorten ausliefern.
Ich hätte nicht gedacht, dass so etwas in Europa beziehungsweise Deutschland möglich ist, aber ich wurde eines anderen belehrt. Gab es da mal nicht so etwas wie Unverletzlichkeit der persönlichen Kommunikation?
2019-03-11 21:12:40 XXXXXXXXX => firstname.lastname@example.org R=dnslookup T=remote_smtp H=yyyyyyyyy-de0i.mail.protection.outlook.com [104.47.5.<br></br>36] X=TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256 CV=yes K C="250 2.6.0 <email@example.com> [InternalId=111111<br></br>466290, Hostname=AM5P194MB0164.EURP194.PROD.OUTLOOK.COM] 10557 bytes in 0.199, 51.655 KB/sec Queued mail for delivery"
#E-Mail #Internet #RfC
Schneier on Security (Friday Squid Blogging):
Warning / Happening: Tutanota is possibly compromised!
https://www.schneier.com/blog/archives/2018/11/friday_squid_bl_653.html#c6785651Martin Fruehauf • December 1, 2018 9:14 AM
An insider from the German Bundesnachrichtendienst (BND / Vopo) / Secret Service just has released a message stating that Tutanota was compromised.#Schneier #tutanota #protonmail #mail #e-mail #email #news #leak #warning #privacy #security #freedom #bnd #vopo #germany #password #recovery #surveillance #encryption #vulnerabilities
The message as reported by the BND insider just has been picked up by the British Guardian online edition (30th Nov. 2018, 7:30pm GMT).
Here the message:
Tutanota recently released a new recovery code feature that allows a user to recover their account if they forget their password. This recovery code adds a second method to decrypt your private key and thus your emails. This feature was never asked for by the user base, and they refuse to let users opt out of creating a recovery code. Each time you log in to Tutanota you will see a pop-up requesting that you create a recovery code.
Now I will explain why this is happening:
I work within the German government, and I know for a fact that Tutanota was served an order by the intelligence services to create a database that can be used to decrypt any user's email address upon request. Tutanota is currently under a gag order and cannot speak about this request publicly. This is basically Hushmail/Lavabit 2.0. The recovery code is essentially a government recovery code / backdoor used to read your email if requested by the government.
I'm posting via a public WiFi with a disposable device in a location with no CCTV cameras. This was very hard to do, and I won't be posting again so please do not delete this thread. Users please screencap or archive the thread. I felt I must warn people, especially journalists who rely on the security of Tutanota and may reside in countries with oppressive regimes or human rights abuses.
Comment: Tutanota, as well as all German e-mail providers must provide data as requested to the German Secret Service / (BND / Vopo). This also applies to all German encryption software; it is mandatory for them to incorporate a back door. This, however, is not new. It is a practice that informally has been in place since the mid-nineties.
That happening follows the recently leaked information indicating that ProtonMail also was compromised and that its servers, contrary to what the company stated, were located in former USSR territories.
Bürodeutsch: Was diese E-Mail-Floskeln wirklich bedeuten - SPIEGEL ONLINE - KarriereSPIEGEL
#KarriereSPIEGEL #Berufeinecht #SpaßimBüro-KarriereSPIEGEL #E-Mail