One of the main strengths of the system appears to be that it always uses TOR. I thought TOR was considered to be fairly unsafe, because of exit node eavesdropping. Am I mistaken?
I expect that TOR is excellent for the savvy technologist who understands how to use TOR as just one part of a secure stack, but for the non-expert, I'd be worried about that someone with an exit node can apparently
intercept usernames and passwords for a large number of e-mail accounts
...according to that link. Can anyone describe whether that's really an issue? Is a user safe if they just use https?