I hope to hear from @Tutanota very soon. Lack of key verification is a major flaw in the technical design of the platform, allowing a malicious Tuta server to read end-to-end encrypted exchanges (both emails and shared calendars).
github.com/tutao/tutanota/issuβ¦
The issue has been opened 6 years ago.
#Security #Privacy #Crypto #Cryptography #Email #FOSS
![Message posted on the GitHub issue titled "Manual key verification":
"This issue has been opened for more than 6 years now, with no clear roadmap or even real consideration from the Tuta team. I have to say, I am disappointed.
You keep saying that "[...] Tuta [is] the most secure email service on the market.", but without key verification, a malicious Tuta server can read the end-to-end encrypted emails and shared calendars exchanged on the platform as there is no way to verify the recipients' public key. As explained by @llebout, "all users of Tutanota must trust Tutanota to not provide forged keys and perform an MITM attack". This is a significant flaw in the technical design of the platform, and it does not seem to bother you.
In #198, it can be read that:
> We are aware of the issues with verification, new protocol will support verification, the work is underway
However, your post-quantum implementation has now landed but still no word on the key verification issue.
Could you please stand by what you have said from day 1, that you prioritise security and privacy, and establish a clear roadmap of the work already undertaken or to be done to fix the situation?
Thank you"](https://fedi.ml/photo/preview/640/595249 "Message posted on the GitHub issue titled \"Manual key verification\":
\"This issue has been opened for more than 6 years now, with no clear roadmap or even real consideration from the Tuta team. I have to say, I am disappointed.
You keep saying that \"[...] Tuta [is] the most secure email service on the market.\", but without key verification, a malicious Tuta server can read the end-to-end encrypted emails and shared calendars exchanged on the platform as there is no way to verify the recipients' public key. As explained by @llebout, \"all users of Tutanota must trust Tutanota to not provide forged keys and perform an MITM attack\". This is a significant flaw in the technical design of the platform, and it does not seem to bother you.
In #198, it can be read that:
> We are aware of the issues with verification, new protocol will support verification, the work is underway
However, your post-quantum implementation has now landed but still no word on the key verification issue.
Could you please stand by what you have said from day 1, that you prioritise security and privacy, and establish a clear roadmap of the work already undertaken or to be done to fix the situation?
Thank you\"")
Tuta
in reply to Skyper π»π§βπ • • •