AdminTutanota Support (Feedback Manager, Tutanota)

My feedback

  1. 28 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    4 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →

    Hello everyone,

    the Arabic translation has been completed so we plan to add RTL support as soon as possible. As we have lots of feature requests on our to-do list for the coming months, we cannot give a specific ETA just yet.

    If you know anyone who can code and would like to get this done faster, this would be awesome. Here’s the code for a pull request: https://github.com/tutao/tutanota

    Thank you very much!
    Your Tutanota Team

  2. 1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
    AdminTutanota Support (Feedback Manager, Tutanota) commented  · 

    Which app and which device are you using?

  3. 236 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    18 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
    AdminTutanota Support (Feedback Manager, Tutanota) commented  · 

    Currently the badge gets an update when you open the ios app. It show the number of unread mails in your inbox.

  4. 17 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    planned  ·  8 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
    AdminTutanota Support (Feedback Manager, Tutanota) commented  · 

    Thanks for the discussion on this issue and thanks for the pull request. We have had a look at it and how the email address can fit into the sender/recipients line. Unfortunately on mobile devices the space is very limited and adding the email address (name <email_address>) there would not be helpful in many cases. So we decided to add it only in desktop mode. As the pull request does not cover all cases, we will implement it on our own soon.

  5. 110 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
    AdminTutanota Support (Feedback Manager, Tutanota) commented  · 

    Thanks for your notice @Anon. It is very similar and we treat it like this, combining the votes in our heads. :)

  6. 1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
    AdminTutanota Support (Feedback Manager, Tutanota) commented  · 

    Unfortunately, codeclimate requests write access to our repositories which is not acceptable. Is there a simple way to embed jslint checks?

  7. 2 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
    AdminTutanota Support (Feedback Manager, Tutanota) commented  · 

    @Colin, thanks we did! :)

  8. 8 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
    AdminTutanota Support (Feedback Manager, Tutanota) commented  · 

    @Andre Currently there is no filtering, but we plan to add this!

  9. 28 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
    AdminTutanota Support (Feedback Manager, Tutanota) shared this idea  · 
  10. 18 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →

    Thanks for requesting a feature for further improving the security of Tutanota! We currently use TLS and DANE to protect authentication and integrity data and (only tunneled) RSA and AES to provide additional confidentiality. Neither the confidentiality nor the integrity of your data is currently at risk. In order to increase the security of Tutanota even further, we will implement digital signatures soon.

    AdminTutanota Support (Feedback Manager, Tutanota) commented  · 

    @Max We do. :) Here is a detailed answer to this report. SInce there is no feasible attack vector, no immediate action is necessary. However, we will improve the discussed issue soon:

    This is not a vulnerability in Tutanota. We have built Tutanota with multiple layers of protection for our users. We currently use TLS and DANE to protect authentication and data integrity and (only tunneled) RSA-OAEP and AES-CBC to provide confidentiality. We have always communicated this transparently, it is nothing new. Neither the confidentiality nor the integrity of our users' data has been at risk.
    However, we know that the implementation is not perfect regarding this detail. That is why we are going to implement the following features as soon as possible:
    - Signatures/MAC
    - 2-factor authentication
    - Algorithms resistant to attacks of quantum computers
    - Simple verification of downloaded Tutanota apps
    Regarding the described issue, we know of two possible attacks on AES-CBC. Neither of them is feasible against Tutanota users:
    - Bit flipping: You need access to the plain text email and you have to be the MITM. - - Plaintexts are available at the sender and recipient only. We use secure TLS algorithms and DANE to protect against MITM.
    - Padding oracle: There is no padding oracle in Tutanota.
    Tl;dr
    There is no known vulnerability in Tutanota. Security is the heart of Tutanota, and we will fix vulnerabilities immediately.

  11. 16 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    4 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
    AdminTutanota Support (Feedback Manager, Tutanota) commented  · 

    @Stephan The android app relies on push from Google. If you get the app directly from us, it won't have push, sorry.

  12. 10 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
    AdminTutanota Support (Feedback Manager, Tutanota) commented  · 

    Hi there, it would be possible to build such a feature while keeping your privacy. For instance, we do not have to store the ip address of your account's last login while it could be stored encrypted within your account, only visible to you.

  13. 130 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    6 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
    AdminTutanota Support (Feedback Manager, Tutanota) commented  · 

    Thanks for your comment. We'll always focus on security and usability, no matter what we'll include. Because everything will use the same encryption technology.

  14. 65 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    4 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
    AdminTutanota Support (Feedback Manager, Tutanota) commented  · 
  15. 1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    4 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
    AdminTutanota Support (Feedback Manager, Tutanota) commented  · 

    Thanks for your feedback, we need to know what browser you are using so that we can reproduce it.

  16. 8 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    4 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
    AdminTutanota Support (Feedback Manager, Tutanota) commented  · 

    Currently email addresses of persons you send emails to are automatically saved to your address book to make it more convenient.
    This is particularly important if you send encrypted mails to non-Tutanota users as the password you shared with them needs to be saved within your account.

  17. 13 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    6 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
    AdminTutanota Support (Feedback Manager, Tutanota) commented  · 

    We opted against blocking usernames for other domains as only the tutanota.de and the tutanota.com domain match. Because of this, we also gave you one alias for free so that you may block your username yourself.

  18. 1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    6 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
    AdminTutanota Support (Feedback Manager, Tutanota) commented  · 

    Thanks for your discussion. It's a risk we are willing to take. :) We love the name tutanota and it's meaning, but we also see the need for an easy email address. That's why we are offering additional domains now without changing our branding strategy. Tutanota is the brand - 'secure message' - but just because you like the brand, we do not want to force you to have it in your email address.

  19. 47 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    planned  ·  7 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
    AdminTutanota Support (Feedback Manager, Tutanota) commented  · 

    Updated the title and description from manual to automatic sync.

  20. 394 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    under review  ·  29 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
    AdminTutanota Support (Feedback Manager, Tutanota) commented  · 

    Yes, Yogev, the feedback system does not work via Tor. Sorry for the inconvenience.

Feedback and Knowledge Base