I recently noted Signal as the app to solve most of our communications problem with: an open source based messaging app offering top notch end to end encryption. Signal, however, does have a significant drawback: it is an SMS like messaging app. That is, it requires a smartphone, and it is uncomfortable to use with long messages or attachments. [I will note there is another problem with Signal, and that is Apple: according to tweets that have since been removed, Apple has been rejecting proposed updates for the app on rather stupid grounds of the type that would let conspiracy theorists suggest it’s holding hands with the NSA. That said, a new version of Signal was made available today.]
In other words, for some things email is still the best communication method. Problem is, by default the email format is very open, having never been designed with true privacy in mind; as things are, we should regard all the information we post by email to be in the public domain. Solutions have been available for a while, such as getting your emails PGP encrypted, but those are a pain in the backside for the non technically inclined to implement. It is therefore nice to see some development to the field.
Tutanota is one such development. It’s a German provider that will let you have a 1GB web mailbox for free. Just like several of my other favourite cloud providers, Mega, SpiderOak and Tresorit, Tutanota claims to have all your data encrypted before it receives it so that Tutanota itself cannot read the emails it is holding for you. The emails are end to end encrypted, with the decryption taking place on the user’s browser. Unlike PGP, Tutanota will even encrypt the subject of your emails as well as attachments.
Other interesting notes about Tutanota include its claim to be open sourced based, its ability to send encrypted emails to non Tutanota users (which requires offline password coordination), its ability to act like any other email provider and send non encrypted emails, and its servers being located in Germany. A country where, unlike the USA, proper privacy protection exists by law.
No, Tutanota would probably not shake the NSA off your back, especially not if you use Tutanota’s mobile apps and have them backed up to Apple’s iCloud. However, Tutanota definitely offers a way to prevent commercial interest from reading your emails: unlike Gmail, Outlook/Hotmail or Yahoo, your emails are yours and are never read by Tutanota.
Which, in my opinion, makes email exchanges between Tutanota users a pretty good way to communicate. Now you know where to get me even if you do not use a smartphone.
Image rights: Tutanota
Image rights: Tutanota