Tutanota's paywall
Today, when I wanted to search my mailbox for a specific email -which was sent to me long time ago- I found out Tutanota doesn't include emails which were sent more than one month ago in search results. That pretty much makes it useless for me (unless I pay). What makes it more nasty, is that they won't tell you this on registration (they are hiding this, in a tool tip in "more details" section). I know that technically it is possible to fork their email client and create this feature, but this is not gonna happen anytime soon. I also found by "Open source email" they just mean the clients (which IceDove already provides that) and not the server applications.
I'm really sad because I loved Tutanota so much :(
I tried using this service a while (3 years?) ago, with a paid subcription (I don't consider paying an issue, they need to pay bills for their server). Subscribers accessed their messages from the tutanota website and the "desktop client" was actually doing the same using the Electron framework. Sending a message to a non-subscriber would send a plain unciphered email if encryption is not used or an email with a link to tutanota's website to read the ciphered message and reply.
That means that ciphered messages never left tutanota's server, so it is misleading to call this a "ciphered email service" and if the server is down, all messages are gone. This is what convinced me not to use that service.
I don't know if anything in what I describe changed.
Your criticism is accurate but unfortunately I think in most cases where you need to email someone who uses a different email service, the recepient is someone who does'nt have the knowledge or motivation to set up the software on they're end to decrypt a ciphered email, so the way that Tutanota and similar email services do it, by storing the message on their own server, it removes the barrier for less technical people to read your email. I think the compromise maybe is worth it if it means you can send a ciphered message without immediately alienating all of your non-technical contacts. What do you think? Storing the message on the server also makes ephemarality possible, which may be an advantage or disadvantage depending on your viewpoint.
Also the major email platforms which offer this "ciphered" email service have not yet collaborated to make possible sending ciphered emails between users of these different services but it would be nice to see this in future. I think it is not their priority now.
> I think the compromise maybe is worth it if it means you can send a ciphered message without immediately alienating all of your non-technical contacts.
Ciphered but neither stored on the computer of the sender nor on the computer of the receiver, unless one manually saves each message to a file, which is not practical at all.
Asking my non-technical contacts to use Tutanota's website and store a password would be asking them a favour already, so I'd prefer asking them to let me setup encryption on their email client if they would let me do so.
About collaboration: protonmail uses pgp, so you can exchange ciphered emails with protonmail users and paid users can have a bridge to imap. However, I'd still propose to my non-technical contacts to setup encryption for them.
> Ciphered but neither stored on the computer of the sender nor on the computer of the receiver, unless one manually saves each message to a file, which is not practical at all.
I suppose it depends on how you want to use email. If you just want to communicate with messages which are only relevent for a short period of time it is not such a problem but if you want to keep a history of your conversations then you are right it is not so practical.
> I'd still propose to my non-technical contacts to setup encryption for them.
This is possible maybe with contacts you know and trust for a long time but if you want to give your contact to someone you meet casually for the first time I dont know how they will react if you tell them "just give me your device for a moment and let me install some software on it"!
If this kind of ciphered message sending is indeed deemed optimal, then
it might be good to do it without relying on one's email provider for
security.
The CHATONS collective offers some kind of encrypted text sharing
One could put a message there and then send a link + password to
someone via email. The same issue would normally apply as in the case
od Tutanota — that the service can at some point serve different
JavaScript that will allow it to steal the password. But the service is
free software and can be self-hosted which would solve this problem
(for those who are able to self-host, at least)
@sid I want to point out that Protonmail also provides the feature of sending an encrypted mail to users of different services. The mechanism is identical to Tutanota's. But since Protonmail has a million links to non-free websites like Instagram, Play store and etc. I don't like them so much!
@Avron it is still the same.
I still think Tutanota's team are providing excellent features and unfortunately a few anti-features like this one. I want to ask them to remove this paywall. Do you guys also think that it should be removed?
Another thing: Tutanota's service relies on executing code dynamically downloaded from Tutanota's website, then it could once send code that is not the code that they publish and was audited and steals one's credentials. Also, one is trusting their ciphering algorithm and its implementation.
By doing gpg encryption on one's own device, one is vulnerable to quantum computers, making mistakes and loosing keys but one does not have to trust Tutanota.
To me, paying is not a problem. I would happily pay for a service that guarantees availability of my email while I don't have to trust the service provider thanks to encryption/decryption done by a free software program installed on my own machine.
I guess I never noticed because I have always paid for the Tutanota service. It costs me less than $2 CAD a month. I can't think of many things in my life that are that cheap. Even a large coffee costs me more than that most places where I live. I can understand your frustration but this is an issue with FOSS projects in general where most have so many users who aren't willing to support the project financially.
Thanks @PublicLewdness ! So if I get it correctly, it is not a "Paywall". It is intended to push people to pay for an email they want to use. This is very understandable and it was inappropriate to call it a "Paywall".
Yes, the term "Paywall" refers to a site which hides content from users until they pay to access it (think JSTOR for example).
It is more accurate to describe Tutanota's model as a "freemium" business model.
If you don't want to pay for a subscription, have you investigated if it is possible to export your messages and then search through them using desktop search tools? (If you don't mind storing your messages unencrypted on your disk.)
@sid Yes, I wish I could edit the subject but that's impossible. And again, thanks for your kind replies! I've contacted the Tutanota team and shared my concerns with them.
[deleted]
Okay, I contacted the Tutanota's team. They were actually so nice and I found that it's my fault to expect every libre service that I use to be gratis. I recommend Tutanota to everyone!
It's pretty good for what it is - a heavily encrypted email service. For ease of use I much prefer Disroot email, and I hardly ever use my Tutanota account.
Thanks for the reply! However, Tutanota does something better than Disroot. It automatically E2E encrypts your message if both sender and recipient use Tutanota (you don't need to GPG or anything, its really simple). I think it would be great if Disroot also implants that feature. And ultimately good if all libre-email providers like (riseup, protonmail etc...) use this as a standard protocol; If sender and receiver both use libre-emails, then servers should automatically E2E encrypt it.
> However, Tutanota does something better than Disroot. [...]
I strongly disagree. As mentioned by others in their posts, the Tutanota's E2E encryption relies on JavaScript code sent by Tutanota's server to the user's web browser[1]. So even tho the encryption keys do formally belong to the users, both the encryption process and processing of the keys are in fact controlled by Tutanota.
At the same time, the *standard* PGP encryption that's free from this flaw is, AFAIU, made impossible by Tutanota.
While I don't accuse Tutanota of any malice (I find it *plausible* that owners of this service run it in good faith), I would definitely recommend Disroot over it as it gives users more control.
Also, the "simple" and "automatic" E2E might be appealing but the truth is — communication security requires some key exchange mecahism to be in place. If your software trusts others' keys automatically, it means the security of E2EE communication is either faked or relies on some "third party" that confirms the authenticity of keys. Sadly, the presence of any "trusted" third party creates a hole in the security of E2EE.
In the end, I'd consider Protonmail more useful than Tutanota because it uses PGP and remains compatible with existing users of encrypted email. If anything, I believe such services should try to educate their users about E2EE security shortcomings of web apps. In fact, I'd call it OK to offer some dummy E2EE like Protonmail and Tutanota webapps do — as long as this is a supplemental feature and users are actively encouraged to switch to non-web clients.
[1] One of the posts makes me believe the Tutanota app also has this problem although (disclaimer) I have not verified it myself.
Thanks, your comment raises an off-topic question for me. I've always thought Tutanota doesn't rely on non-free Javascript codes because LibreJS didn't complain about it (look at attached screenshot), But after reading your comment I loaded Tutanota in an incognito tab and I saw non-free javascripts were being blocked.
How is that? Is that because of caching? Or a bug? Or me missing something?
I saw similar things like you but after I found that I had an exception for https://mail.tutanota.com/* in LibreJS, removed it and reloaded, then the Javascript from Tutanota was blocked by LibreJS.
Tutanota did not put license tags as indicated in https://www.gnu.org/software/librejs/manual/librejs.html#License-tags so LibreJS does not recognize the Javascript from Tutatona as free.
That said, even if Tutanota Javascript is free software, this does not give you control of the encryption process and of the handling of your keys.
And as I mentioned elsewhere in this thread, Tutanota will soon force it's users to run pre-compiled WebAssembly code in their browser, so Tutanota users need to trust more blind then ever
.
It gets worse, Tutanota now wants to force everyone to run WebAssembly code