we appear to be the first to write up the outrage coherently too. much thanks to the illustrious @self
they’re not end-to-end encrypted; their security model involves giving their server both your GPG private key and its passphrase, which makes your inbox and other data trivially able to be subpoenaed by German authorities.
I don’t think this is a replacement for Proton or Tutanota at all.
It’s encrypted and based out of Germany (so, outside of five eyes).
[…] your inbox and other data trivially able to be subpoenaed by German authorities
Germany is a member of the Fourteen Eyes alliance and shares data with 9 and 5 eyes members.
I just wanted to put that out there after @czech@lemm.ee suggested that the five eyes are the only eyes. They share with Germany and vice versa.