A storefront, said Ortis, is a fake business or entity, either online or bricks-and-mortar, set up by police or intelligence agencies.

The plan, he said, was to have criminals use the storefront — an online end-to-end encryption service called Tutanota — to allow authorities to collect intelligence about them.

Tutanota (now Tuta) denies this: https://tuta.com/blog/tutanota-not-a-honeypot

  • mister_monster
    link
    fedilink
    English
    arrow-up
    3
    ·
    1 year ago

    Someone also published the story on Reddit calling Tutanota a honeypot, which was removed by the moderators as fake news.

    Well there we go. We have our answer. Someone who would put 100% faith in reddit moderators just to support their point is obviously lying.

    • SakiOPM
      link
      fedilink
      English
      arrow-up
      3
      ·
      1 year ago

      The fact that they’re still using Reddit as their support forum is indeed disappointing. Deleting an unpleasant post just like that feels oppressive too. If it’s untrue but the concern is reasonable, then perhaps they should have tried to disprove it in an open discussion.

      Objectively, though, I have no reason to believe (nor deny) this claim.

  • AutoTL;DR@lemmings.worldB
    link
    fedilink
    English
    arrow-up
    2
    ·
    1 year ago

    This is the best summary I could come up with:


    Cameron Ortis, the former RCMP intelligence official on trial in Ottawa, says he was tipped off by a counterpart at a “foreign agency” that the people he’s accused of leaking secrets to had “moles” inside Canadian police services.

    “I had sensitive information from multiple sources that each of the subjects had compromised or penetrated Canadian law enforcement agencies,” Ortis testified last week.

    The testimony is contained in redacted transcripts released Friday evening, more than a week after the former civilian member began testifying in his defence during his unprecedented trial.

    The Crown alleges Ortis used his position as the head of a highly secret unit within the RCMP to attempt to sell intelligence gathered by Canada and its Five Eyes allies to individuals linked to the criminal underworld.

    Ortis is accused of sharing information in 2015 with Ramos, the head of Phantom Secure, a Canadian company that made encrypted devices for criminals.

    Under cross-examination, Crown prosecutor John MacFarlane asked why Ortis didn’t approach one of the Five Eyes partners to discuss his plans with them “just generally.”


    The original article contains 994 words, the summary contains 175 words. Saved 82%. I’m a bot and I’m open source!

  • workerONE@lemmy.world
    link
    fedilink
    English
    arrow-up
    3
    arrow-down
    1
    ·
    1 year ago

    Something sounds off here. Maybe the RCMP had a backdoor or a warrant or something into tutanota but it’s not a storefront like the article says.

    “A spokesperson for Tutanota, now Tuta, denied the claims. “[Tuta] is not owned or operated by any secret service, nor is it a ‘storefront’ as claimed by Cameron Ortis,””

      • workerONE@lemmy.world
        link
        fedilink
        English
        arrow-up
        2
        ·
        edit-2
        1 year ago

        Who is accusing them of this and what is the accuser’s reputation? According to this article, one Canadian official was told by someone that they had a PLAN to use tutanota is a malicious way, but there’s not even an accusation that anything ever happened. https://cyberwarzone.com/is-tutanota-a-honeypot-for-intelligence-agencies/

        Tutanota’s reply: "Hi there, these allegations are absolutely false. Tuta was founded in 2011 by Arne Möhle and Matthias Pfau who knew each other from studying together at FHWD university in Germany. To this day, the company is wholly owned by Matthias and Arne, and is not liable to anyone else.

        The Tutao GbmH is not owned by any secret service, nor is it a “storefront” as claimed by Cameron Ortis. These allegations are completely untrue.

        With offices in Germany we only respond to valid warrants issued by German courts. You can read more on this in our Transparency Report: https://tuta.com/blog/transparency-report

        In addition, Tuta is open source and the entire client code is published on GitHub. Thus, everyone can inspect the code and verify how the end-to-end encryption in Tuta works and that there are no backdoors hidden in the code."

        • SakiOPM
          link
          fedilink
          English
          arrow-up
          4
          ·
          1 year ago

          In addition, Tuta is open source and the entire client code is published on GitHub.

          One can freely share “good” source code while actually using something different; which might be an intrinsic problem of an “open-source” web service. Plus, one has no reason to believe that the service has never been compromised: someone might have a backdoor that Tuta itself is unaware.

          I’d like to believe that Tuta is not evil, but ultimately that’s anyone’s guess. I’d recommend true e2e (local-to-local) such as PGP, rather than trusting a middle-man e2e provider.

    • SakiOPM
      link
      fedilink
      English
      arrow-up
      2
      ·
      1 year ago

      You can use any email provider in a pretty privacy-friendly way, as long as you sign up anonymously, always use it via Tor, and (most importantly) do gpg locally and just paste ascii. Don’t share your secret key with them/anyone!

      • Monero users understandably tend to like Monero-accepting services. Tuta does, albeit indirectly; Proton doesn’t. There is also cyberfear.com, a less known anonymous email provider accepting xmr, but maybe no one is sure if it’s okay.
      • Despite all potential issues, for normal users who are still using Gmail etc., Proton/Tuta are still recommended (simply because they’re better than Google).