Mailing List Archive

[OT] Tutanota security/privacy concerns (was: Re: How would you do that ...)
Hi Stefan, all,

Oops, I think I wanted to react sooner but didn't visibly...

8 mai 2021, 15:12 de stefan.vasilev@posteo.ru:

>> l0f4r0 wrote:
>>
>>> I don't use ProtonMail so I can't say.
>>>
>>> But otherwise you have Tutanota (no phone number required):
>>> https://tutanota.com/blog/posts/anonymous-email/
>>>
> BTW. Tutanota does (full???) Browser fingerprinting and they where required
>
> to 'upgrade' their email service.
>
Thanks for the notice.

So are you implying Tutanota does not do browser fingerprinting anymore?
Actually, I cannot find any public source about this. Would you have some pointers to share please?

While we are at it, by any chance, do you/people have (other) complaints/concerns about Tutanota from a security or privacy points of view?

Thanks in advance :)

Best regards,
l0f4r0

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: [OT] Tutanota security/privacy concerns (was: Re: How would you do that ...) [ In reply to ]
l0f4r0 wrote:

> Hi Stefan, all,
>
> Oops, I think I wanted to react sooner but didn't visibly...
>
> 8 mai 2021, 15:12 de stefan.vasilev@posteo.ru:
>
>>> l0f4r0 wrote:
>>>
>>>> I don't use ProtonMail so I can't say.
>>>>
>>>> But otherwise you have Tutanota (no phone number required):
>>>> https://tutanota.com/blog/posts/anonymous-email/
>>>>
>> BTW. Tutanota does (full???) Browser fingerprinting and they where
>> required
>>
>> to 'upgrade' their email service.
>>
> Thanks for the notice.
>
> So are you implying Tutanota does not do browser fingerprinting
> anymore?
> Actually, I cannot find any public source about this. Would you have
> some pointers to share please?

Hi,

I have not checked again, but can tell you from the past that they check
what web browser you are using, because when you use an anti-fingerprint
add on for your browser and it generates a User Agent string with an
(old)
unsupported browser Tutanota complains and tells you to use the latest
Browser x,y,z. If they do it any longer or if they do full
fingerprinting I do
not know.

>
> While we are at it, by any chance, do you/people have (other)
> complaints/concerns about Tutanota from a security or privacy points
> of view?

I guess Tutanota is a fine service, like many others, but I would like
to
see Monero cryptocurrency support, when one likes to sign up via Tor.
(have not checked lately if this is already possible)

Regards
Stefan




_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: [OT] Tutanota security/privacy concerns (was: Re: How would you do that ...) [ In reply to ]
On 2021-08-27 at 18:35 +0000, ?????? ???????? via Gnupg-users wrote:
> Hi,
>
> I have not checked again, but can tell you from the past that they
> check what web browser you are using, because when you use an anti-
> fingerprint add on for your browser and it generates a User Agent
> string with an (old) unsupported browser Tutanota complains and tells
> you to use the latest Browser x,y,z. If they do it any longer or if
> they do full fingerprinting I do not know.

This is probably unrelated to fingerprinting the user. Most likely they
do that in order to check that the browser is able to use certain
features they use (rather than using feature detection instead).
Or maybe they do that just to force their clients not to use outdated
(and thus probably insecure) browsers.

In any case, using an User Agent which is not common (such as an old
browser, or a made-up one) will actually make you stand out, not
conceal you.


Regards



_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users