Why we need to mitigate attacks ourselves
While we cooperate with partners to mitigate finance and banking email list bandwidth-focused attacks, such as large-scale reflection attacks, we do so in a way that maintains full control of our users' data. This is different - and much more privacy-friendly - than what most of our competitors do :
Mitigating DDoS attacks is much easier if we let third parties decrypt and inspect our traffic on their servers in a so-called scrubbing center. Alternatively, some of our competitors feed decrypted traffic into closed-source third-party devices (black boxes). But both methods involve losing control over customer data.
For us at Tuta, this is not an option: You trust us to keep your data confidential, and that’s why we have to defend against DDoS attacks without the help of third-party devices. We’re talking about highly sensitive data , such as IP addresses and access tokens , which would allow a third party to impersonate users and even delete their data. It would also allow the third party to track mappings of IP addresses to user IDs – in other words: third parties would know which IP address belongs to which email address .
Therefore, as at Tuta we prioritize your privacy in all circumstances, it is not possible to use third-party devices.
