A storefront, said Ortis, is a fake business or entity, either online or bricks-and-mortar, set up by police or intelligence agencies.

The plan, he said, was to have criminals use the storefront — an online end-to-end encryption service called Tutanota — to allow authorities to collect intelligence about them.

Tutanota (now Tuta) denies this: https://tuta.com/blog/tutanota-not-a-honeypot

  • SakiOPM
    link
    fedilink
    English
    arrow-up
    4
    ·
    1 year ago

    In addition, Tuta is open source and the entire client code is published on GitHub.

    One can freely share “good” source code while actually using something different; which might be an intrinsic problem of an “open-source” web service. Plus, one has no reason to believe that the service has never been compromised: someone might have a backdoor that Tuta itself is unaware.

    I’d like to believe that Tuta is not evil, but ultimately that’s anyone’s guess. I’d recommend true e2e (local-to-local) such as PGP, rather than trusting a middle-man e2e provider.