I’m not really saying that what Tutanota does is insecure, but historically doing security on your own instead of using established standards has not been a winning move.
Plus their unwillingness to open source it and not sharing the audits just doesn’t inspire my confidence.
Overall they’re probably fine, but these are some of the main reasons I ultimately chose Proton instead.
BTW, they’re not “slowly developing” post-quantum encryption, they’re just saying they may do that at some point in the future - which everyone will have to do anyway when we get to this point.
I’m not really saying that what Tutanota does is insecure, but historically doing security on your own instead of using established standards has not been a winning move.
Plus their unwillingness to open source it and not sharing the audits just doesn’t inspire my confidence.
Overall they’re probably fine, but these are some of the main reasons I ultimately chose Proton instead.
BTW, they’re not “slowly developing” post-quantum encryption, they’re just saying they may do that at some point in the future - which everyone will have to do anyway when we get to this point.