EmailDiscussions.com  

Go Back   EmailDiscussions.com > Discussions about Email Services > Email Comments, Questions and Miscellaneous
Register FAQ Members List Calendar Search Today's Posts Mark Forums Read
Stay in touch wirelessly

Email Comments, Questions and Miscellaneous Share your opinion of the email service you're using. Post general email questions and discussions that don't fit elsewhere.

Reply
 
Thread Tools
Old 19 Aug 2020, 12:09 AM   #46
ioneja
Cornerstone of the Community
 
Join Date: Jul 2011
Posts: 576
I had said I was done posting in this thread (!), since I'm now done with Tutanota, but I just wanted to add that I agree with so many of the comments posted, especially TenFour's comments about customer service, and alexu2007's and evfrson's comments about trust. Thanks also for reminding me that I need to (re)configure my email/services with the ability to handle these kinds of situations much better -- for starters, I'll be looking for the best DNS providers and setting things up more robustly than I have done so far, etc.. I can pivot from providers, but not nearly as easily as alexu2007, for example.

As for evfrson's comment about thinking these kinds of small encrypted email providers might be honeypots, the thought has crossed my mind too, but I've tried to give them the benefit of the doubt once I look at their backstories to help evaluate how much trust I'm willing to give them. The old adage that trust should be earned has worked for me, but I think an extra dose of healthy skepticism is useful here too, especially reading between the lines of terms of service and privacy policies, and seeing their track record. While I don't believe that most of these small services are likely honeypots, I think there are plenty of other concerns between the lack of customer service, questionable performance during a crisis, and issues with their various policies, to force me to reevaluate how I'm using these services. This recent situation with Tutanota has made me think twice about how I'm doing things in general, and again, thanks for all your comments.
ioneja is offline   Reply With Quote
Old 19 Aug 2020, 12:30 AM   #47
ioneja
Cornerstone of the Community
 
Join Date: Jul 2011
Posts: 576
Quote:
Originally Posted by TenFour View Post
And BTW, that was a somewhat decent post by them, glad they finally did that. However, it doesn't solve some core issues for me, personally, but I'll keep an eye for what material changes they actually make in the future, and for further updates. And they didn't explain why they are still blacklisted, not to mention why abuse reports are still coming in from their IP, and what's up with some questionable domains that are resolving to their IP, etc. Also, other than mentioning that they will finally be creating an external update service (with poor justification IMO of why they haven't done it so far), they also did not take accountability for the way they failed to keep everyone updated during the attack. So concerns still remain for me. This looks more like rookie damage control to me than real, meaningful change and accountability. But that's just my take on it, and time will tell. I understand that this is still a fluid situation, but for now I'm not planning on signing up again. In any case, I do wish them well and hope they can be successful.
ioneja is offline   Reply With Quote
Old 19 Aug 2020, 01:20 AM   #48
ioneja
Cornerstone of the Community
 
Join Date: Jul 2011
Posts: 576
P.S. And actually, something else bugged me about their statement -- I'm obviously overthinking this! -- such as the line about the "attack launched against Tutanota Saturday night was mitigated after several hours..." along with "connectivity remained intermittent for some users with two more short downtimes Sunday and Monday night."

To me, that's sugarcoating the whole situation that unfolded. Words matter. "Several hours," for example, could be interpreted as many things, but it was at least 10-11 hours by my count, maybe more. "Several" could indeed mean "10" if you stretch the connotation, but why not just say "10?" And then "two more short downtimes" was also sugarcoating it. What happened in those other downtimes IMO was not "short." Not to mention the geo bias of their statement... "Saturday night" is only Saturday night for Germany. They've got a global userbase, their Saturday night is someone else's peak critical email time. They should mention actual times UTC/GMT.

Not to make a huge deal out of this, but I really don't like services that sugarcoat things or are vague, and I think I have to pull back a little more of my statement that their post was "somewhat decent" as it actually is now reinforcing the concern that they are not being as honest and transparent as they should be. Even the line about being on spam lists was sugarcoated IMO, giving the impression that they were on spam lists only on Sunday and Monday and that they resolved it -- and actually, they are *still* listed in some cases.

Anyway, I'll wrap up my overthinking on this, lol. They should just actually be giving a more realistic, accurate, and transparent accounting, such as, "The attack began approximately at so-and-so GMT/UTC and we were able to mitigate most of it by so-and-so GMT/UTC, and our users experienced approximately 10 hours of downtime during the first wave," etc., etc. Instead it was vague, avoided some key details and meaningful answers to other serious concerns I mentioned, and they then highlighted their "usual" uptime of 99.9% (marketingspeak) and began cheerleading the cause of privacy and that they are stalwart defenders thereof. The whole approach is just too rookie to me. Oh well.

Okay, promise this is my last post on this topic. I have to get back to work!
ioneja is offline   Reply With Quote
Old 25 Aug 2020, 03:57 AM   #49
TenFour
Cornerstone of the Community
 
Join Date: Feb 2017
Posts: 857
It appears there was another DDoS attach on Tutanota over the weekend. https://twitter.com/TutanotaTeam/sta...27425808678914
TenFour is offline   Reply With Quote
Old 6 Sep 2020, 06:33 PM   #50
Berenburger
The "e" in e-mail
 
Join Date: Sep 2004
Location: The Netherlands
Posts: 2,655
Still under attack.
https://twitter.com/tutanotateam/sta...959723008?s=21
Berenburger is offline   Reply With Quote
Old 13 Sep 2020, 05:37 PM   #51
Berenburger
The "e" in e-mail
 
Join Date: Sep 2004
Location: The Netherlands
Posts: 2,655
Tutanota under constant DDOS attack.
Why are they a target and who has the resources available to do this continuously.
Berenburger is offline   Reply With Quote
Old 14 Sep 2020, 12:32 AM   #52
evfrson
Member
 
Join Date: Oct 2015
Location: UK
Posts: 52
They are going to have to get a grip of this situation otherwise they will have no business.
There are people on Twitter complaining they can't pay for their accounts because of these problems.
evfrson is offline   Reply With Quote
Old 14 Sep 2020, 02:36 AM   #53
Berenburger
The "e" in e-mail
 
Join Date: Sep 2004
Location: The Netherlands
Posts: 2,655
Quote:
Originally Posted by evfrson View Post
They are going to have to get a grip of this situation otherwise they will have no business.
There are people on Twitter complaining they can't pay for their accounts because of these problems.
On Reddit the discussion leaving or not .....
Berenburger is offline   Reply With Quote
Old 14 Sep 2020, 04:16 AM   #54
evfrson
Member
 
Join Date: Oct 2015
Location: UK
Posts: 52
Quote:
Originally Posted by Berenburger View Post
On Reddit the discussion leaving or not .....
Interesting discussion.
This situation has been ongoing for a month at least (I think) and users are, not surprisingly, becoming impatient for a permanent solution.
evfrson is offline   Reply With Quote
Old 15 Sep 2020, 01:03 AM   #55
evfrson
Member
 
Join Date: Oct 2015
Location: UK
Posts: 52
System down again today.
evfrson is offline   Reply With Quote
Old 17 Sep 2020, 02:30 AM   #56
FredOnline
The "e" in e-mail
 
Join Date: Apr 2011
Location: Manchester UK
Posts: 2,350
Quote:
Originally Posted by evfrson View Post
System down again today.
More problems today, and website is down:

https://postimg.cc/MndtCjzV
FredOnline is offline   Reply With Quote
Old 17 Sep 2020, 05:46 AM   #57
evfrson
Member
 
Join Date: Oct 2015
Location: UK
Posts: 52
Tutanota are developing their own DDOS mitigation system rather than using a service such as Cloudflare, they say for privacy reasons.
Their customers meanwhile are having to wait while this in-house system is developed, however long that will take, and basically have no reliable access to their emails.
Seems a very odd way to run an email service to me.
evfrson is offline   Reply With Quote
Old 17 Sep 2020, 06:09 AM   #58
alexu2007
Essential Contributor
 
Join Date: Aug 2007
Posts: 239
Why I closed my Tutanota account (I have a paid one):

- they had DDOS attacks in the past and also they probably know what happened to protonmail a few years ago when protonmail had DDOS attacks too. Not acting proactive is just poor planing or maybe just simple stupidity (it won't happen to me)

- poor comunication: yeah, we have another DDOS and that's all you need to know. I don't like to be left in the dark.

I cannot use a service that have such a massive downtime.
alexu2007 is offline   Reply With Quote
Old 26 Sep 2020, 03:19 AM   #59
TenFour
Cornerstone of the Community
 
Join Date: Feb 2017
Posts: 857
An article on the attacks: https://www.bleepingcomputer.com/new...-cyberattacks/
TenFour is offline   Reply With Quote
Old 7 Oct 2020, 07:54 AM   #60
TenFour
Cornerstone of the Community
 
Join Date: Feb 2017
Posts: 857
DDoS attacks reported on October 3 also.
TenFour is offline   Reply With Quote
Reply


Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Forum Jump


All times are GMT +9. The time now is 12:21 PM.

 

Copyright EmailDiscussions.com 1998-2013. All Rights Reserved. Privacy Policy