EmailDiscussions.com  

Go Back   EmailDiscussions.com > Discussions about Email Services > Email Comments, Questions and Miscellaneous
Register FAQ Members List Calendar Search Today's Posts Mark Forums Read
Stay in touch wirelessly

Email Comments, Questions and Miscellaneous Share your opinion of the email service you're using. Post general email questions and discussions that don't fit elsewhere.

Reply
 
Thread Tools
Old 16 Aug 2020, 10:09 AM   #16
ioneja
Cornerstone of the Community
 
Join Date: Jul 2011
Posts: 567
Working okay for me, at least at this exact moment, not seeing the issue you're describing. I guess they're still having problems though.

In my case, I also don't think I lost any incoming email while the site was down, which is good news. None of my test messages bounced, they're all in the inbox. For whatever that's worth.
ioneja is offline   Reply With Quote
Old 16 Aug 2020, 10:15 AM   #17
ioneja
Cornerstone of the Community
 
Join Date: Jul 2011
Posts: 567
And they just tweeted again, "Sorry for this inconvenience and thanks for your patience! Tutanota is available now."

Sure hoping they'll post something more comprehensive than that fairly soon... I think three tweets won't be enough.
ioneja is offline   Reply With Quote
Old 16 Aug 2020, 03:20 PM   #18
evfrson
Member
 
Join Date: Oct 2015
Location: UK
Posts: 52
Agreed. This length of downtime is totally unacceptable. Unless they take drastic measures to ensure it can't happen again I am leaving at the end of the current subscription period.

I also expect a detailed account as to what happened not to be fobbed off with meaningless bs.
evfrson is offline   Reply With Quote
Old 16 Aug 2020, 08:26 PM   #19
TenFour
Cornerstone of the Community
 
Join Date: Feb 2017
Posts: 835
Let us know what the explanation is. ProtonMail has also been hit by DDoS attacks, as have many other email providers. https://protonmail.com/blog/a-brief-...dos-incidents/. As was Fastmail: https://fastmail.blog/2015/11/11/ddo...ion-this-week/
TenFour is offline   Reply With Quote
Old 16 Aug 2020, 08:48 PM   #20
evfrson
Member
 
Join Date: Oct 2015
Location: UK
Posts: 52
Quote:
Originally Posted by TenFour View Post
Let us know what the explanation is. ProtonMail has also been hit by DDoS attacks, as have many other email providers. https://protonmail.com/blog/a-brief-...dos-incidents/. As was Fastmail: https://fastmail.blog/2015/11/11/ddo...ion-this-week/
Yes of course I will pass on what they say but so far nothing.
Looking at their tweet timings the whole DDOS episode lasted 10 hours so I guess they are busy atm gathering their thoughts.

Yes Runbox has had a few DDOS attacks too but I don't think any provider has endured a 10 hour attack.
evfrson is offline   Reply With Quote
Old 17 Aug 2020, 12:16 AM   #21
ioneja
Cornerstone of the Community
 
Join Date: Jul 2011
Posts: 567
For me it boils down to the quality of their explanation and how they intend to mitigate future attacks. 10 hours was way too much, especially with poor communication, but as TenFour pointed out, pretty much all the services have been hit by these kinds of attacks. The difference is how they managed the post mortem and adjusted. In FastMail's case, for example, they handled it with tremendous transparency and detail, which I really appreciated. Long-time FastMail subscribers may remember Bron Gondwana's (now the CEO) really detailed accounts, which went a long way to building trust when there were problems. Tutanota needs to take a page out of FastMail's book for this situation and give their customers transparency and a good plan going forward. If this is brushed under the carpet, I'd agree completely with evfrson that it's not worth renewing a subscription.

As it is, I had been planning on pointing a few domains over to Tutanota since I had grown to like them during my testing phase with a little paid account, but for now that's on hold until I see what happens next. Crossing fingers they post a good update about the incident soon.
ioneja is offline   Reply With Quote
Old 17 Aug 2020, 12:33 AM   #22
evfrson
Member
 
Join Date: Oct 2015
Location: UK
Posts: 52
I've been rethinking how I am going to do things messaging wise after this incident.
I've decided to use a combination of Fastmail, Signal and secure file sharing using Internxt.
I am going to ditch Tutanota.
evfrson is offline   Reply With Quote
Old 17 Aug 2020, 12:56 AM   #23
TenFour
Cornerstone of the Community
 
Join Date: Feb 2017
Posts: 835
Having worked for awhile for a fairly large email service provider I can tell you that it is not always easy or quick to determine exactly what has happened in an outage. For example, the DDoS attack might take out a piece of Internet backbone that is not under your control and the company that manages that might not be very forthcoming about what is happening. Sometimes things just get messed up in such a way you never know exactly what was going on. I remember one time when emails were taking a really long time to be delivered, and we eventually learned that a large chunk of the Internet was being routed through some regional ISP in Russia, which was unable to handle the load. That seemed rather suspicious, and it fairly quickly went back to normal, but we never learned what made that happen. Here's an article on that type of incident: https://www.zdnet.com/article/russia...re-and-others/
TenFour is offline   Reply With Quote
Old 17 Aug 2020, 12:57 AM   #24
ioneja
Cornerstone of the Community
 
Join Date: Jul 2011
Posts: 567
Quote:
Originally Posted by evfrson View Post
I've been rethinking how I am going to do things messaging wise after this incident.
I've decided to use a combination of Fastmail, Signal and secure file sharing using Internxt.
I am going to ditch Tutanota.
Seems like a decent combination, and makes sense ditching Tutanota. I'm going to wait a little longer to see their official statement on this, but their latest tweet just now is not very encouraging... seems like business as usual marketing (nothing against that on a normal day), when they need to mop up and rebuild trust. Here's their latest tweet:

"We're committed to make a sad 2020 for the open web less sad: While Mozilla reduces its workforce by one third, we plan to increase ours by one third. If you are on the #MozillaLifeboat, contact us! With our passion for #privacy & #opensource we build a better & Google-free web💪"

Perfectly fine sentiment, but wrong message at this moment IMO.
ioneja is offline   Reply With Quote
Old 17 Aug 2020, 01:01 AM   #25
evfrson
Member
 
Join Date: Oct 2015
Location: UK
Posts: 52
Quote:
Originally Posted by ioneja View Post
Seems like a decent combination, and makes sense ditching Tutanota. I'm going to wait a little longer to see their official statement on this, but their latest tweet just now is not very encouraging... seems like business as usual marketing (nothing against that on a normal day), when they need to mop up and rebuild trust. Here's their latest tweet:

"We're committed to make a sad 2020 for the open web less sad: While Mozilla reduces its workforce by one third, we plan to increase ours by one third. If you are on the #MozillaLifeboat, contact us! With our passion for #privacy & #opensource we build a better & Google-free web💪"

Perfectly fine sentiment, but wrong message at this moment IMO.
When I saw that tweet that is when I made my decision.
evfrson is offline   Reply With Quote
Old 17 Aug 2020, 01:08 AM   #26
evfrson
Member
 
Join Date: Oct 2015
Location: UK
Posts: 52
Quote:
Originally Posted by TenFour View Post
Having worked for awhile for a fairly large email service provider I can tell you that it is not always easy or quick to determine exactly what has happened in an outage. For example, the DDoS attack might take out a piece of Internet backbone that is not under your control and the company that manages that might not be very forthcoming about what is happening. Sometimes things just get messed up in such a way you never know exactly what was going on. I remember one time when emails were taking a really long time to be delivered, and we eventually learned that a large chunk of the Internet was being routed through some regional ISP in Russia, which was unable to handle the load. That seemed rather suspicious, and it fairly quickly went back to normal, but we never learned what made that happen. Here's an article on that type of incident: https://www.zdnet.com/article/russia...re-and-others/
Yes thanks I will read that article.

The problem here with Tutanota is that they appear to be carrying on as if nothing really has happened.

They haven't said we will tell our customers what happened and what steps we will take to mitigate this type of incident in the future.

They haven't responded to some of the customers tweets who are naturally very concerned about what happened.

They haven't said they will be setting up a separated status page (which several users have been asking for) to inform customers what is happening with the service.

Not everyone is on Twitter and were totally unaware what was going on.

This is just not acceptable.
evfrson is offline   Reply With Quote
Old 17 Aug 2020, 01:58 AM   #27
ioneja
Cornerstone of the Community
 
Join Date: Jul 2011
Posts: 567
Agreed. The problem is not that a DDoS attack happened (since that can and has happened to just about every serious provider at some point as has been rightly pointed out by TenFour), and it's also not whether or not Tutanota (or their providers or their network defense partner, which is BTW https://www.link11.com/en/ ), have really understood or determined the specific details of the attack yet, or even if they're ready to make an announcement. It's their lousy response so far. Three lousy tweets for 10 hours and then business as usual is not going to work for me either. There has been little to no engagement so far. If they had made a statement as simple as something like the following, my opinion would be different:

"Dear Tutanota customers, now that the dust has cleared on this major attack, we are still determining with our partner Link11 all the details of the attack, and we will be posting an update soon, including how we plan to more quickly mitigate such attacks in the future."

That would have helped a lot... but nothing like that has been posted.

And they should also say something like, "We apologize for the poor communication during the outage -- as a first step to better customer service, we plan to set up an external status page so that you can follow the developing situation. Stay tuned for more updates on this crucial matter, and thank you for your continued support and understanding!"

And then all that needs to be followed up with some strong actions.

Instead we have received, "Sorry for this inconvenience and thanks for your patience! Tutanota is available now" -- which is just not nearly enough by any standard... and then a rather uninspiring most recent tweet, "We're committed to make a sad 2020 for the open web less sad: While Mozilla reduces its workforce by one third, we plan to increase ours by one third. If you are on the #MozillaLifeboat, contact us! With our passion for #privacy & #opensource we build a better & Google-free webFlexed biceps"

So I get evfrson's position, which is very similar to my own, except I'm waiting another day or two to see an official after-action statement -- or at least a decent update and acknowledgement that they are working on it. If nothing is forthcoming soon, including no meaningful response to the many requests as evfrson has pointed out for a status page, etc., then I think that demonstrates that Tutanota is not nearly mature enough IMO, and at least for now, can't be trusted with extremely important secure email.
ioneja is offline   Reply With Quote
Old 17 Aug 2020, 02:19 AM   #28
evfrson
Member
 
Join Date: Oct 2015
Location: UK
Posts: 52
Yes you are right on all points.
I also find it annoying when companies say 'Thank you for your patience' when it is obvious from Twitter that people were not patient they were very impatient.

evfrson is offline   Reply With Quote
Old 17 Aug 2020, 06:31 AM   #29
TenFour
Cornerstone of the Community
 
Join Date: Feb 2017
Posts: 835
Some people have been reporting on Twitter that email is down again. Not sure if it is them or Tutanota.
TenFour is offline   Reply With Quote
Old 17 Aug 2020, 06:40 AM   #30
evfrson
Member
 
Join Date: Oct 2015
Location: UK
Posts: 52
Quote:
Originally Posted by TenFour View Post
Some people have been reporting on Twitter that email is down again. Not sure if it is them or Tutanota.
Yes I saw that some people haven't had access to their email for over 24 hours which is totally unacceptable and no meaningful response at all from Tutanota.

So glad I have left if that's the way they run their business.
evfrson is offline   Reply With Quote
Reply


Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Forum Jump


All times are GMT +9. The time now is 04:26 AM.

 

Copyright EmailDiscussions.com 1998-2013. All Rights Reserved. Privacy Policy