Hi, Tuta Team here, we came across this and wanted to jump in. The facts are correct - thanks for explaining it the way it actually was. We explain in more detail here why this case highlights the need for *end-to-end encryption* and why we recommend everybody using it whenever possible: https://www.reddit.com/r/privacy/comments/ntzn3w/comment/h0v...
Hi there, Tuta Team here. This is not correct, the price for Tuta Revolutionary is €3/mth with 20 GB of storage and 15 aliases - plus unlimited aliases when using your own domain. It's a very good deal.
Hey there, Tuta team here. We are aware of this issue and we are working on key verification as we speak. The release is scheduled for the coming month.
Tuta is an encrypted email provider based in Germany. We focus on building privacy and security oriented apps for communication and productivity.
We are currently hiring software engineers (Frontend/Backend/Full-Stack) for our locations in Hannover and Munich. We also sponsor visas for prospective team members not currently living in the EU and help with the relocation process.
Hi there, it is possible to export all emails from your Tuta account and store them locally or load them into another email client by using our export function: https://tuta.com/support/#generalMail
Our core development team are trained to work in applied cryptography and we work directly with the University of Wuppertal cryptographers for cryptanalysis and testing.
To secure our customer's emails we do not only rely on the new post-quantum algorithm but we use a post-quantum Key Encapsulation Mechanism (CRYSTALS-Kyber) in combination with an Elliptic-Curve-Diffie-Hellmann key exchange (x25519). We did choose Kyber for pq encryption because it has been chosen by NIST for standardization. However, we are aware that it still might be broken in the future. In this case our implementation allows us to replace it with a different post-quantum Key Encapsulation Mechanism. Our customer's emails will not be leaked in this case because they are still protected by the state-of-the-art Elliptic-Curve-Diffie-Hellmann key exchange.
As all post-quantum crypto is relatively new there is still the risk of it being broken in the future. This is why we combine the new algorithms with classical ones in an hybrid approach so that the encryption stays at least as secure as it is now.
Hey, we only just saw this now: Emails run through a filter before being pushed to your mailbox and encrypted there. So we can see spam emails, but with Tuta Mail you can also send end-to-end encrypted emails of which we see nothing. Plus, if you report emails as spam (e.g. by dragging them to the Spam folder) you are being asked whether you want to give us a copy of the content so that we can improve the spam filter.