Anonymous

My feedback

  1. 86 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    7 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
    Anonymous commented  · 

    Anything other than loading the Tutanota app into your browser is unsecure

  2. 18 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →

    Thanks for requesting a feature for further improving the security of Tutanota! We currently use TLS and DANE to protect authentication and integrity data and (only tunneled) RSA and AES to provide additional confidentiality. Neither the confidentiality nor the integrity of your data is currently at risk. In order to increase the security of Tutanota even further, we will implement digital signatures soon.

    Anonymous supported this idea  · 
  3. 104 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    12 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
    Anonymous supported this idea  · 
  4. 283 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    planned  ·  18 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
    Anonymous commented  · 

    @Chris There isn't enough data yet to know if TwoFish is secure or not. Because most use AES, as it is the Advanced Encryption *Standard*, it is constantly under attack, and so far no known public attack exists (only theoretical, meaning you'll dead before it doable)

    Anonymous commented  · 

    AES256 is not better or worse than AES128, and in fact, AES192 is currently better than 128 or 256, but all is theoretical attacks (as in, not in our lifetime).. and RSA...sigh. Bigger numbers don't mean better security. The more I read these comments it makes me fear for Tutanota's future, if these are the types of people they will listen to. However, I think maybe the Tutanota devs know better and I need not worry (hopefully)

    If you make the move to ECC, please don't use any US based encryption, as it has dubious origins at this point (even GnuPG is moving away). I would stay where you are for at least 3-5 years, to give ECC some time to get tested more, unless some critical news occurs where you must switch away from your current configuration

  5. 485 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    10 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
    Anonymous supported this idea  · 

Feedback and Knowledge Base