|
Email Comments, Questions and Miscellaneous Share your opinion of the email service you're using. Post general email questions and discussions that don't fit elsewhere. |
|
Thread Tools |
19 Aug 2020, 12:09 AM | #46 |
Cornerstone of the Community
Join Date: Jul 2011
Posts: 713
|
I had said I was done posting in this thread (!), since I'm now done with Tutanota, but I just wanted to add that I agree with so many of the comments posted, especially TenFour's comments about customer service, and alexu2007's and evfrson's comments about trust. Thanks also for reminding me that I need to (re)configure my email/services with the ability to handle these kinds of situations much better -- for starters, I'll be looking for the best DNS providers and setting things up more robustly than I have done so far, etc.. I can pivot from providers, but not nearly as easily as alexu2007, for example.
As for evfrson's comment about thinking these kinds of small encrypted email providers might be honeypots, the thought has crossed my mind too, but I've tried to give them the benefit of the doubt once I look at their backstories to help evaluate how much trust I'm willing to give them. The old adage that trust should be earned has worked for me, but I think an extra dose of healthy skepticism is useful here too, especially reading between the lines of terms of service and privacy policies, and seeing their track record. While I don't believe that most of these small services are likely honeypots, I think there are plenty of other concerns between the lack of customer service, questionable performance during a crisis, and issues with their various policies, to force me to reevaluate how I'm using these services. This recent situation with Tutanota has made me think twice about how I'm doing things in general, and again, thanks for all your comments. |
19 Aug 2020, 12:30 AM | #47 | |
Cornerstone of the Community
Join Date: Jul 2011
Posts: 713
|
Quote:
|
|
19 Aug 2020, 01:20 AM | #48 |
Cornerstone of the Community
Join Date: Jul 2011
Posts: 713
|
P.S. And actually, something else bugged me about their statement -- I'm obviously overthinking this! -- such as the line about the "attack launched against Tutanota Saturday night was mitigated after several hours..." along with "connectivity remained intermittent for some users with two more short downtimes Sunday and Monday night."
To me, that's sugarcoating the whole situation that unfolded. Words matter. "Several hours," for example, could be interpreted as many things, but it was at least 10-11 hours by my count, maybe more. "Several" could indeed mean "10" if you stretch the connotation, but why not just say "10?" And then "two more short downtimes" was also sugarcoating it. What happened in those other downtimes IMO was not "short." Not to mention the geo bias of their statement... "Saturday night" is only Saturday night for Germany. They've got a global userbase, their Saturday night is someone else's peak critical email time. They should mention actual times UTC/GMT. Not to make a huge deal out of this, but I really don't like services that sugarcoat things or are vague, and I think I have to pull back a little more of my statement that their post was "somewhat decent" as it actually is now reinforcing the concern that they are not being as honest and transparent as they should be. Even the line about being on spam lists was sugarcoated IMO, giving the impression that they were on spam lists only on Sunday and Monday and that they resolved it -- and actually, they are *still* listed in some cases. Anyway, I'll wrap up my overthinking on this, lol. They should just actually be giving a more realistic, accurate, and transparent accounting, such as, "The attack began approximately at so-and-so GMT/UTC and we were able to mitigate most of it by so-and-so GMT/UTC, and our users experienced approximately 10 hours of downtime during the first wave," etc., etc. Instead it was vague, avoided some key details and meaningful answers to other serious concerns I mentioned, and they then highlighted their "usual" uptime of 99.9% (marketingspeak) and began cheerleading the cause of privacy and that they are stalwart defenders thereof. The whole approach is just too rookie to me. Oh well. Okay, promise this is my last post on this topic. I have to get back to work! |
25 Aug 2020, 03:57 AM | #49 |
Master of the @
Join Date: Feb 2017
Location: USA
Posts: 1,744
|
It appears there was another DDoS attach on Tutanota over the weekend. https://twitter.com/TutanotaTeam/sta...27425808678914
|
6 Sep 2020, 06:33 PM | #50 |
The "e" in e-mail
Join Date: Sep 2004
Location: The Netherlands
Posts: 2,908
|
Still under attack.
https://twitter.com/tutanotateam/sta...959723008?s=21 |
14 Sep 2020, 12:32 AM | #52 |
Senior Member
Join Date: Oct 2015
Posts: 162
|
They are going to have to get a grip of this situation otherwise they will have no business.
There are people on Twitter complaining they can't pay for their accounts because of these problems. |
14 Sep 2020, 02:36 AM | #53 | |
The "e" in e-mail
Join Date: Sep 2004
Location: The Netherlands
Posts: 2,908
|
Quote:
|
|
15 Sep 2020, 01:03 AM | #55 |
Senior Member
Join Date: Oct 2015
Posts: 162
|
System down again today.
|
17 Sep 2020, 02:30 AM | #56 |
The "e" in e-mail
Join Date: Apr 2011
Location: Manchester UK
Posts: 2,616
|
|
17 Sep 2020, 05:46 AM | #57 |
Senior Member
Join Date: Oct 2015
Posts: 162
|
Tutanota are developing their own DDOS mitigation system rather than using a service such as Cloudflare, they say for privacy reasons.
Their customers meanwhile are having to wait while this in-house system is developed, however long that will take, and basically have no reliable access to their emails. Seems a very odd way to run an email service to me. |
17 Sep 2020, 06:09 AM | #58 |
Essential Contributor
Join Date: Aug 2007
Posts: 287
|
Why I closed my Tutanota account (I have a paid one):
- they had DDOS attacks in the past and also they probably know what happened to protonmail a few years ago when protonmail had DDOS attacks too. Not acting proactive is just poor planing or maybe just simple stupidity (it won't happen to me) - poor comunication: yeah, we have another DDOS and that's all you need to know. I don't like to be left in the dark. I cannot use a service that have such a massive downtime. |
26 Sep 2020, 03:19 AM | #59 |
Master of the @
Join Date: Feb 2017
Location: USA
Posts: 1,744
|
An article on the attacks: https://www.bleepingcomputer.com/new...-cyberattacks/
|
7 Oct 2020, 07:54 AM | #60 |
Master of the @
Join Date: Feb 2017
Location: USA
Posts: 1,744
|
DDoS attacks reported on October 3 also.
|
Thread Tools | |
|
|