So what? The assumption is that the data is encrypted at rest. If your threat model is "physical seizure by a nation state", then obviously you shouldn't be storing your encrypted data at a SaaS provider in a location out of your control anyway, but I don't see why it would be a reasonable assumption by default that Tuta willingly uses weak (or no) encryption.