The leaked information we all got from Edward Snowden’s NSA files proved that no one is safe from prying eyes of government entities. Time and time again, we’ve been told just how important encryption is and how it can keep our communications secure.
A wave of encrypted mailing services and apps has popped up in the past year, trying to make using encryption tools as easy as possible. Tutanota is one of these apps and one that has managed to bring a clean and easy-to-use product to the table.
Matthias Pfau, one of the co-founders of the company and CEO of the company behind this end-to-end encrypted email service, talked to Softpedia about the Tutanota, the NSA and the need for encryption.
Why did you decide to create an end-to-end encryption webmail service?
When we started in 2011 we already knew that parts of our communication are tracked. Since Snowden, we know that everything is tracked, which is absolutely not acceptable. We see ourselves as freedom fighters. We want to give anyone the possibility to communicate without being tracked or observed because we believe that privacy is one of the most fundamental rights.
What made you publish the code of the service?
Basically, we believe in the ideas of open source. Reviewed code is more secure and we encourage every security expert to challenge us and to review the code. This will help us to improve the security of Tutanota even further. In the long term, we also want to establish an active community that helps us to develop Tutanota into the right direction.
You mention that the app has been put to an extensive penetration test. What did the test entail exactly?
The pentesters of SySS analyzed Tutanota and the whole server cluster for security vulnerabilites. For this purpose, they used security scanners and manual attacking techniques just as code reviews of integral parts of the application.
What data does Tutanota encrypt? Does it cover the metadata (to, from and subject line) or only the email contents?
The only metadata that is currently not end-to-end encrypted are the addresses of the sender and the recipient. We have some ideas on how to remove that meta-data as well. However, these ideas have not been implemented till today. All other data is automatically encrypted by Tutanota. This includes the subject line (in contrast to PGP and S/MIME) and all attachments (in contrast to other web based systems like protonmail).
What kind of data does Tutanota store on its servers and does the data that stays inside the company's servers remain encrypted?
Besides the mail addresses, all of the data is stored end-to-end encrypted. When we inspect the contents of our cluster, we only see encrypted data. Even we are not able to access the data, as only our users can access the keys needed to decrypt the data.
How can Tutanota protect users from government agencies in case of demands for personal data, such as it happened with Lavabit last year?
The biggest benefit of Tutanota in comparison to Lavabit is that we don't have access to the users' decryption keys. Therefore, we are not able to provide access to government agencies. Besides that, Germany is currently one of the best places for zero knowledge applications like Tutanota.
Mobile apps are coming this fall. What can you tell me about them and what platforms will they support?
We will start launching apps for Android and iOS. Blackberry OS 10 and Windows Phone should follow slightly after. The apps will allow you to send and receive end-to-end encrypted mails, just like the webmail client. Push notifications will be used to inform you about new messages. However, the first release of our apps is just a starting point. We will continue to improve them and add the features that the community wants the most (e.g. offline storage).
Since this isn't going to be browser-based access, but rather through an app installed on the device, how will you go about making the app safe enough given all the vulnerabilities that pepper the operating systems?
To be honest: We can't. We are still a small startup and our mid-term focus is to provide the most secure mail app. If the underlying technology (e.g. Android or iOS) has been manipulated for grabbing all user inputs, there is nothing we could do about this. Therefore, we encourage all of our users to update their systems and mobile devices regularly.