Hi, Tuta Team here, we came across this and wanted to jump in. The facts are correct - thanks for explaining it the way it actually was. We explain in more detail here why this case highlights the need for *end-to-end encryption* and why we recommend everybody using it whenever possible: https://www.reddit.com/r/privacy/comments/ntzn3w/comment/h0v...
Hi there, Tuta Team here. This is not correct, the price for Tuta Revolutionary is €3/mth with 20 GB of storage and 15 aliases - plus unlimited aliases when using your own domain. It's a very good deal.
Okay, it appears maybe the addresses for custom domains was inaccurate because you list custom addresses & aliases separately for some odd reason. Why do you do that rather than saying unlimited aliases with a bullet point about only allowing 15 for domains you own?
The Revolutionary plan still only offers 3 custom domains. Furthermore, SimpleLogin provides unlimited aliases (custom domain or not) for $4/mo & unlimited custom domains. So SimpleLogin still appears to be more competitively priced overall.
Hey there, Tuta team here. We are aware of this issue and we are working on key verification as we speak. The release is scheduled for the coming month.
Tuta is an encrypted email provider based in Germany. We focus on building privacy and security oriented apps for communication and productivity.
We are currently hiring software engineers (Frontend/Backend/Full-Stack) for our locations in Hannover and Munich. We also sponsor visas for prospective team members not currently living in the EU and help with the relocation process.
Hi there, it is possible to export all emails from your Tuta account and store them locally or load them into another email client by using our export function: https://tuta.com/support/#generalMail
Our core development team are trained to work in applied cryptography and we work directly with the University of Wuppertal cryptographers for cryptanalysis and testing.
To secure our customers' emails we do not only rely on the new post-quantum algorithm but we use a post-quantum Key Encapsulation Mechanism (CRYSTALS-Kyber) in combination with an Elliptic-Curve-Diffie-Hellman key exchange (x25519). We did choose Kyber for pq encryption because it has been chosen by NIST for standardization. However, we are aware that it still might be broken in the future. In this case our implementation allows us to replace it with a different post-quantum Key Encapsulation Mechanism. Our customers' emails will not be leaked in this case because they are still protected by the state-of-the-art Elliptic-Curve-Diffie-Hellman key exchange.
As all post-quantum crypto is relatively new there is still the risk of it being broken in the future. This is why we combine the new algorithms with classical ones in a hybrid approach so that the encryption stays at least as secure as it is now.
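
The hybrid idea described in the two comments above, as an added example that is not Tuta's code and not part of the original comments: the x25519 secret and the KEM secret are both fed into one key derivation, so the session key stays unknown unless both are recovered. The comments do not say how Tuta combines the two secrets; HKDF-SHA256, the length-prefixed encoding, the context label and all sample byte strings here are assumptions constructed for illustration.

```python
import hashlib
import hmac


def hkdf_sha256(ikm: bytes, salt: bytes, info: bytes, length: int = 32) -> bytes:
    """HKDF (RFC 5869) with SHA-256: extract a PRK, then expand it."""
    prk = hmac.new(salt or b"\x00" * 32, ikm, hashlib.sha256).digest()
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), hashlib.sha256).digest()
        okm += block
        counter += 1
    return okm[:length]


def lp(data: bytes) -> bytes:
    """Length-prefix a field so field boundaries cannot be shifted."""
    return len(data).to_bytes(2, "big") + data


def combine_hybrid(ss_ecdh: bytes, ss_kem: bytes, kem_ciphertext: bytes,
                   context: bytes = b"hybrid-example-v1") -> bytes:
    """Derive one session key from a classical and a post-quantum secret.

    Hypothetical combiner: both secrets are key material, and the KEM
    ciphertext plus a context label are bound into the derivation.
    """
    # RFC 7748 recommends rejecting an all-zero X25519 output.
    if len(ss_ecdh) != 32 or ss_ecdh == bytes(32):
        raise ValueError("missing or all-zero X25519 shared secret")
    if not ss_kem:
        raise ValueError("missing KEM shared secret")
    ikm = lp(ss_ecdh) + lp(ss_kem)
    info = lp(context) + lp(kem_ciphertext)
    return hkdf_sha256(ikm, salt=b"", info=info)


# Constructed stand-ins for the outputs of a real x25519 exchange and a
# real KEM decapsulation; no actual key exchange is performed here.
SS_ECDH = hashlib.sha256(b"constructed x25519 shared secret").digest()
SS_KEM = hashlib.sha256(b"constructed KEM shared secret").digest()
KEM_CT = b"constructed KEM ciphertext bytes"

SESSION_KEY = combine_hybrid(SS_ECDH, SS_KEM, KEM_CT)

# Scenario from the comments: the KEM is broken, so an attacker learns
# SS_KEM, but without the x25519 secret the guess yields a different key.
ATTACKER_GUESS = combine_hybrid(hashlib.sha256(b"wrong guess").digest(), SS_KEM, KEM_CT)
```

Swapping the KEM for a different one changes only where `ss_kem` and `kem_ciphertext` come from; the combiner itself stays the same.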