snornik

@[email protected] sry for the late reply. yeah thats exacly what i meant. if the keys and the passwords (hashed or not) are stored on the server, that not E2E how i understand it. thats maybe a little bit better than whatsapp but definitly not E2E. if german gov (now or in the future) wants to get all your mails. they just need to man in the middle the password. which will be no problem at all. “end-to-end encryption with only sender & recipient having access” yes exactly thats why you should not have/store the keys in the beginning. passwords need to get transmitted. and it would be E2E only if you would have no access to to keys.

@[email protected] hope its okay to ask but the advertised E2E encryption who has/saves the keys? is it like US based common messenger (pretty sure its clear which one i mean) that advertises encryption but the keys are stored on the same servers and backups than the comm? if i may quote your website “Tuta has zero access to your mailbox, only the sender and the recipient.” how by default? if its not PGP and the users handles their keys themselves? login passwords and every thing else that get send to the server is out of control of the user. and can be logged if politics goes full fascist mode. just asking out of curiosity

@[email protected] @[email protected]

sry to say this tuta: but privacy in germany is a ticking time bomb. maybe for EU reasons its still better than US but for sure not because german gov likes this / wants this or even remotely cares. if they cant pass Vorratsdatenspeicherung, they gonna abuse Hackertoolparagraph or anything else to change this as quickly as possible. and who knows what they enforce upon you about longterm backups even years in future.
also most ISP’s in DE log connections and not because they need to but because they want or got paid todo it.
if i cant trust this country how should i trust a company operating in it? also comparing yourself against the worst seems weird for me. why not compare against the privacy aware competitors?