This doesn’t bode well for those who work from home.
But here’s my question: suppose you’re working from home, but are using Linux. Would you be affected by the software on the list. (Supposing it’s possible to do the work on a linux machine).
I don’t know yet how this affects Europeans.
But i’ve read that in the Netherlands, the army was gathering intelligence (on/about?) it’s citizens and handing out the information to interrested parties. Who needs software? Defense will cover that.
Source:https://www.nrc.nl/nieuws/2020/11/16/willen-we-dat-defensie-alles-weet-a4020275#/next/2020/11/17/#108 (It’s in Dutch, i don’t know if there’s an english version available).
This is so dumb to me. Your employees are going to do their jobs. You have no reason to spy on them. This is abusive. You can’t squeeze blood from a stone.
Not too far off ago, at least in the USA, this kind of thing would force workers to give an abusive business owner a hairy and life changing experience off the books. This experience would usually curb the abusive behavior.
Regarding the interview with Tutanota, this article could serve as a nice reminder that privacy is a must these days. The main thing here is that a US court ordered google to hand over e-mails regarding the case. I don’t know if google has to comply, but this can get very ugly indeed.
I’d be interested to know if the courts could compel Tutanota to release the identity of the user, or even to modify their servers in a way to intercept the encryption keys and/or then compel the user to release their emails in a similar situation.
I was asking myself the same question as Tutanota is one of the two email providers I’m interested in nowadays. Germany is also a prominent advocate for backdoors.
I am still about to listen to the show but I know Tutanota was obliged or forced various times by German courts to compel. Though I have no details about it.
At least in one case from this year they refused to make a backdoor and in the end the decision was accepted by the courts. The article about that is in German.
There’s something i don’t understand here. (With the help of a translation engine. My german isn’t all that good. )
Quote:
“Now Tutanota has to program a new function for the prosecutors: If a valid order from a German court is available for an account, the company can also create a copy of the e-mails that the investigators can also read. They can still not read mails with end-to-end encryption. “I would rather take care of extended data protection functions for our customers than extended access rights for the authorities,” says Matthias Pfau. Of course, you stick to the legal requirements and cooperate with the authorities.” end quote.
Does this mean that they have implemented a way that authorities can read e2e encrypted mails or not?
Or do they provide a dump of encrypted mails?
The authorities cannot read e2e encrypted emails but they can read mails that are not encrypted. Tutanota is against that practice but they have to comply.
That is from the source in German of that article in short. It is confusing. I have had to read it various times. This does not sound to be in favor of using Tutanota even though it was about a case of extortion. But I still have to listen to the show and maybe they can correct us how they handle such cases now.
Ok, thank you for the information. That helps a lot.
I’ve listened to the interview some time ago. I think i remember that the pr lady never said they were a zero-knowledge provider. But to be sure, i’d have to listen to that again.
I think that they, along with Protonmail, are the most secure providers out there a consumer could get.
If you’d want anything more secure, it would have to be some sort of government solution, or to set up your own server. (along with all the problems that’ll create).
Unfortunately, this has attracted some unwanted attention from the German government.
How do we know what they’ve implemented?
A good summary has been made by the people from the privacy intelligence and osint podcast about this: (episode 198)
)