[HN Gopher] Tutanota is now free for open source projects
___________________________________________________________________
Tutanota is now free for open source projects
Author : NmAmDa
Score : 43 points
Date : 2021-11-22 18:37 UTC (4 hours ago)
(HTM) web link (tutanota.com)
(TXT) w3m dump (tutanota.com)
| ptidhomme wrote:
| The most important feature Tutanota lacks is offline usage, IMHO.
| You can't access your email if you have a poor or nonexistent
| connection.
| invalidname wrote:
| Secure email service. Would be nice to actually mention that in
| the title...
| httpsterio wrote:
| Hacker news has a rule about not editorializing headlines, they
| have to be posted as they are on the linked site.
|
| A lot of the users this affects are most likely also familiar
| with tutanota's services I'd guess.
| thepill wrote:
| Still waiting to be able to import existing mails (would like to
| switch from protonmail)....
| LVDOVICVS wrote:
| After I gave up running my own mail server I started used
| Tutanota for my small personal domain. They're cheap and reliable
| in my experience.
| culi wrote:
| What made me end up choosing Tutanota over Protonmail was that
| the free tier gave 1GB of storage (compared to Protonmail's
| 500MB). I've been using it for my primary email for over a year
| now and haven't had any major issues with it. The desktop and
| mobile apps feel pretty solid to me though I'm not a particularly
| heavy email user.
| throwaway81523 wrote:
| I don't understand this thing about encrypting stored email if
| the other person receives it or saves a copy in the clear. Most
| of the time, the other person is on gmail, so there is a
| plaintext copy of your email on a google server, and everything
| that implies.
|
| The two big hassles of self-hosting email are incoming spam on
| the receiving side, and deliverability issues on the sending due
| to very aggressive antispam measures at the big email providers.
| Hosted email services' product is basically continuous
| maintenance of spam filtering on the receiving side, and e.g.
| building IP reputation and retrying failed deliveries through a
| clean IP pool on the sending side. Merely running an IMAP or SMTP
| server without these efforts is comparatively easy.
|
| So it seems to me sufficient to use a privacy-conscious hosted
| provider for filtering and SMTP but not for storage, and handle
| storage yourself. I'm currently not doing that due to laziness
| but it seems like a proper and feasible thing to do. There isn't
| much point going overboard when the traffic is general purpose
| email, where the weakest link will usually be at the other
| person's end (and out of your control) rather than at your end.
| upofadown wrote:
| For incoming unencrypted email you can encrypt it to an OpenPGP
| identity for storage. Some providers offer this as an option.
| Anonaddy can do this as part of their forwarding service.
| throwaway81523 wrote:
| Storing email as ciphertext makes it awfully hard to search.
| You really want to store it as plaintext on a computer that
| you control. Historically that meant your client computer.
| Storing email on servers (even your own) seems like asking
| for trouble, though it can work if you control the server and
| are careful enough.
| kube-system wrote:
| When all of my email is accessible in one place, it is very
| easy to use that data to generate a model of my activity. Yes,
| the recipients of my email probably won't protect it well, but
| it's distributed across multiple providers.
|
| I know that data will likely be mined from my email at one end
| or the other, but I might as well not serve it up on a silver
| platter.
| throwaway81523 wrote:
| > When all of my email is accessible in one place, it is very
| easy to use that data to generate a model of my activity.
| Yes, the recipients of my email probably won't protect it
| well, but it's distributed across multiple providers.
|
| Chances are that most (> 50%) of it is on one provider
| (gmail), or maybe two or three providers. Getting those will
| make almost as good a profile of you as getting everything.
| And it's not just your email: it's also the stuff that you
| communicate in it, that can further spread among careless
| recipients, unless you live your life like a paranoid
| fugitive and silo all your information including (e.g.) from
| your family members. That, in turn, is completely neurosis
| inducing. It's a conundrum that I don't have an answer to,
| beyond "surveillance sucks".
| ppseafield wrote:
| If you opt to send an encrypted message outside of Tutanota,
| first you set a password, then it sends a link to a special
| inbox where the user can use the password to log in and reply.
| The message's contents don't ever get sent in the clear, and
| only their encrypted contents get stored on Tutanota's servers.
| throwaway81523 wrote:
| That's not really email then (in the sense of interoperating
| with the email standards). It's more like a web based private
| message system with everything on one server. In that case
| though, why store anything on servers at all? Store
| everything on the clients instead. I believe there are some
| systems that do that.
| dane-pgp wrote:
| > the weakest link will usually be at the other person's end
| (and out of your control)
|
| By that logic, no one should ever switch from an insecure
| service to a secure service. The advantage of being backwards
| compatible with email is that you don't lose anything by
| upgrading, and for some messages you do gain something. (You
| shouldn't change your behaviour based on a false sense of
| security, though).
|
| Ideally, the person you are communicating with would use PGP,
| for example if their provider is ProtonMail, so you could have
| end-to-end encrypted communication without having to worry
| about keyservers or encryption settings. Unfortunately,
| however, Tutanota has chosen not to use PGP because of fears of
| "attacks from quantum computers"[0]. Of course, their own
| proprietary system is vulnerable to those attacks too, but
| that's a minor details, and you should ignore it...
|
| [0] https://tutanota.com/faq/#pgp
| nojs wrote:
| I want to like Tutanota but the UI is really bad. Basic things
| like search, threaded emails, resizing/changing the viewport are
| buggy or impossible and there's no alternative desktop client. I
| don't think it's a realistic option for heavy email users at the
| moment.
| iechoz6H wrote:
| That and the name, I got tired of; "Tooter
| what?" "Tutanota." "Can you spell that please?"
| culi wrote:
| They let you use @tuta.io
| kube-system wrote:
| Just use a custom domain. This is generally a good idea
| anyway; you can take your address to any email provider
| whenever you want.
| russdpale wrote:
| yeh this is why I unsubscribed. The UI is simply awful.
| BerlinInterface wrote:
| It's the Berlin, or Hannover, probably, cynicism. If they
| can't have a good mileu, you can't have any good things, as a
| client or user. Berlin and Hannover are cynical people you
| know! < 3
___________________________________________________________________
(page generated 2021-11-22 23:02 UTC)