If German authorities ever serve Tutanota with a court order to hand over a customer’s email inbox content, the company will of course comply with the warrant but all they will be able to deliver will be ciphered files with no decryption key. According to the email exchange I had with Matthias Pfau, one of Tutanota founders, they do not log IP addresses and only keep timestamps, the details are stored anonymously without any reference to your user account. Each mail in your inbox also contains the mail addresses of the recipients in clear text, kept until you delete the email, Tutanota has some ideas about how to hide the recipients address but it has not been implemented yet.
You can open a Tutanota email account with minimal details, choose a username and password and that is it. During the very short registration you will find a link to a Wikipedia page with instructions on how to choose a strong password, a coloured meter on the page lets you know if your password is secure enough to withstand brute force attacks.
I appreciated the clean smooth webmail interface giving one click access to the different tabs and folders, with a security tab where you can see a list of of the successful and failed account logins with timestamps, no computer IPs are associated with customer accounts since no IP logs are kept.
Sending an encrypted email in Tutanota is effortless, it does not require customers to manage encryption keys or know much about security. The system is compatible with insecure email services like Gmail or Yahoo. When you send a secure email to somebody who is not on Tutanota, instead of receiving the full text, they receive a message with a link inviting that person to visit Tutanota servers to read the encrypted email, only readable with the correct password and decrypted locally in the browser.
By not sending the email message body, any organisation monitoring Internet traffic will not be able to intercept a copy of the encrypted data. A terrific way to stop mass surveillance on the Internet is to never let the data out on the wild web. The same security system that CIA director General Petraeus was using to communicate for an extramarital affair, he used a dead drop email account and never allowed messages to travel the Internet.
One can assume that the CIA director has classified knowledge to know how to best avoid surveillance, and presumably General Petraeus applied that privileged information to protect his own life, it is possible to learn a lot from observing the experts and copycat them.
Tutanota free email service is a major improvement over the dead letter box communication system, the company adds an encryption layer, and the people you communicate with do not have to change anything, they can securely reply to you using the same window where they are reading the received message.
Another important security fact about Tutanota is that they hired a German penetration testing company called SySS to try to find security vulnerabilities in their mail service, like cross site scripting. Tutanota was given an all clear certificate attesting that during the network scan and manual hacking that was attempted by security experts it was not possible for SySS to access any confidential data. If that is not reassuring enough, Tutanota source code is available for download released under the GPL license, you can use it to build your own email client or check it for bugs.
The zero knowledge approach of this email service, their no logs no decryption keys available policy, located outside of the UK and USA, very easy registration and utilization make Tutanota one of the best alternatives to Hushmail. If I have to complain about anything, is that, not being German myself, I do not like getting a .de email address (@tutanota.de), I prefer a .com domain to stop people from assuming I am German.
This security model is the future, spy agencies are not going to stop monitoring data travelling across the Internet, so, you just don’t send it, leave it on the server for others to fetch, superb.