Tutanota is a honepot - former Canadian Intelligence Chief

Wow - who saw that one coming. :rofl:

Cameron Jay Ortis, former Director General of the National Intelligence Coordination Centre, claims that another intelligence agency established Tutanota as a honeypot: https://torontosun.com/news/national/ex-official-accused-of-leaking-secrets-says-he-didnt-betray-rcmp-absolutely-not

Ortis said the foreign ally, who he is not at liberty to name, spoke of a plan to encourage criminal targets to begin using an online encryption service called Tutanota — a “storefront” operation created by intelligence agents to snoop on adversaries.

Telling no one, Ortis decided to act, drafting a list of four possible recipients as part of Operation Nudge — as in nudging them to adopt the new email service.

That’s when Ortis says he began enticing investigative targets with promises of secret information — including tantalizing portions of documents — with the actual aim of getting them to communicate with him via Tutanota.

He’s not exactly a reliable source. However, if you wanted to go about collecting data from people with something to hide, you would likely set up an encrypted email service - right?

I wouldn’t be surprised in a slightest, because whole idea of private e-mail is absurd.
E-mail by it’s nature is honeypot that CAN NOT be secure / private.

1 Like

I don’t use Tutanota (or any “secure/private” mail service really, I treet them all as “mail open to the postman”) but I thought their service is supposedly client-side E2EE, with the client being open-source.

Taking in mind your disclaimer that the source is not reliable, I wouldn’t pay that much attention to that article.
Especially in today’s day and age that Clickbait is (sadly) king…

If you do find a reliable source though, please do update us, sounds like an interesting topic :slight_smile:

1 Like


Client to server is probably encrypted, but server to server is usually not encrypted. So all you would need to do is intercept packets between servers and voilà, you can read the entire email (or at least the email headers).

Is this an assumption or do you have some source that states that as a fact?
Because the service claims E2EE? Which would mean client-to-client (if the implementation is correct, then I’d say that server code is irrelevant, but I haven’t audited the implementation neither will I ever because I don’t care enough since I don’t use such services)

That said, as I said I’m not too familiar with the service, but if what you are saying is indeed the case…
Anyone using “client to server” encryption as “secure communication” is well deserving of no security at all to be fair… :stuck_out_tongue:


I believe Tutanota only claims to encrypt emails sent from Tutanota to Tutanota domains. They can totally promise this and it’s technically feasible to do. However, email architecture does not allow email headers to be encrypted, so if you send emails to anyone outside tutanota, your email headers are sent in plain text. Also, unlike Protonmail, they do not allow you to import/export public PGP keys. I would therefore expect that all emails sent from a tutanota server to a gmail server would be sent in plain text. Please feel free to correct me if I’m wrong - it’s been a few years since I decided against subscribing to Tutanota.

Edit: they allow you to set a password for your emails to non-tutanota users. So your emails to non-tutanota recipients are password protected, but any replies from that contact are not. Also the email headers are not encrypted.


If whatever you are saying in your email is sensitive enough to get you arrested or exclusively watched by the government, you shouldn’t rely on emails for your conversations and messages.

Encrypt your own messages, send them on a platform that is less of a honeypot, then send the (very strong) password through another somewhat trustable platform, that fragmentation makes it much harder for a third party to decrypt your message. Once the other person gets the message and password, delete both from the platforms. We assume their servers truly delete what you sent to spare disk space.

Besides this case, protonmail is pretty alright for daily use and the most private public email service for anything that isn’t illegal or borderline.

1 Like

I use it with a custom domain for the simple reason that it has no ads and allows me to set a separate user and mailbox password (which I prefer to 2FA).

Ah, then you are totally right and thanks for taking the time to explain.
I must have misunderstood the claims of Tutanota.

Then again I’m dumbfounded that people would consider the process you described as private and secure communications…

That’s absurd!!! :rofl:
Edit: Honestly, I thought the whole “we encrypt your emails” would be based on PGP. Why on earth would someone that wants encrypted emails not use PGP?

1 Like


Hey mr. police…ooooo-ooooouhh!! :clown_face:

I would even argue further that nothing is actually really secure. For example, Tucker Carlson recently revealed that his messages on “Signal Private Messenger” were compromised, and he specifically said “don’t trust signal, it’s not as private as you think”. Now I’m not saying it’s the software per se because it very well could be the OS it’s being used on, but just the idea of completely secure digital communications to me is a joke. Government’s always have vastly more powerful tech within their reach and likely can break that encryption if they desire.

I’m old school. If I want to tell you a secret, it’ll be in a room where we are the only two, and I will whisper it in your ear. Anything else is a risk for compromise.

I wouldn’t go that far, you need to have a lot of knowledge and stellar OPSEC.

Great example, because he’s clearly very naive. There were other red flags about Signal before, but main one is so obvious…anything that asks your phone number - certainly can not be secure by definition, it’s absurd.
He should have used Session instead.
As well as his OS or even keyboard on his phone (i’m sure he doesn’t use Linux or DeGoogled Android)

Also, since he’s very high profile and obviously targeted - i wouldn’t use anything with SIM-card inserted if i were him :laughing:

1 Like
1 Like

If the NSA has quantum computing capabilities which I’m sure they do, surely they can crack most encryption, no?

I still wouldn’t trust technology for extremely sensitive comms. Sure, it’s generally user error or a security vulnerability that’s exploited, but you even have crooks using ‘Tails OS’ with Tor and PGP who end up getting caught. I just don’t think it’s worth the risk.

I’m pretty sure if the Mafia was at it’s peak of activity right now, they would have a rule to not talk business on digital comms as they did in the past for not speaking on phones or out in public without cover their mouths.

Maybe I’m getting cynical, but I just have the mindset that if something can be made, it can also be broken, and we’ve seen this time and time again with software. When freedom is at stake, that’s a tough one.

Edit: I don’t think phone numbers on signal is exactly what is compromising their messages. That is only useful for metadata. There’s something larger going on.

Edit 2: You are right though, Tucker should at the minimum use GrapheneOS with session.

No, they’re not idiots - nobody in their right mind would spend insane amounts of money to decrypt some encryption as strong as Signal, which has quantum-resistant cryptography.

They’ll use methods to compromise OS (backdors, Pegasus) / hijack / swap SIM etc.
It’s much easier and costs nothing.

Carlson’s OPSEC is clearly not even near Edwards Snowden’s for them to use quantum computers on it, for crying out loud. :rofl:

That’s the most important part for targeting.


Exacly, that why almost every cyber attack targeting companies or countries use social engineering methods.

Signal is fine for discussing topics you don’t want everyone and anyone to know about. It’s the virtual equivalent of inviting your friend over to your house for tea and letting them in through the front door. Your nosey neighbour knows you’re talking to your friend and for how long but not what’s been said. The convenience of Signal is that it’s based on a shared phone numbers. However this is the biggest vulnerability.

I’m not a celebrity, criminal, terrorist or spy so I really don’t worry about metadata as a vulnerability. If I needed total privacy, that would be a lot more challenging and I probably wouldn’t have any friends.