Skip to main content
Black Listed News
Trending Articles:
Trending Articles:

Vulnerabilities found in PGP-encrypted emails, users urged to take immediate action

Published: May 14, 2018
Share | Print This


A group of European security researchers have released a warning about a set of vulnerabilities affecting users of PGP and S/MIME. These vulnerabilities pose an immediate risk to those using these tools for email communication, including the potential exposure of the contents of past messages.

A group of European security researchers have released a warningabout a set of vulnerabilities affecting users of PGP and S/MIME. The Electronic Frontier Foundation (EFF) says it has been in communication with the research team, and can confirm that these vulnerabilities pose an immediate risk to those using these tools for email communication, including the potential exposure of the contents of past messages.

The full details of the vulnerability will be published in a paper tomorrow (Tuesday, 15 May, at 3:00 a.m. EST, midnight Pacific).

EFF says that in order to reduce the short-term risk, EFF the researchers have agreed to warn the wider PGP user community in advance of the full publication of the vulnerability.

EFF and the researchers urge users to immediately disable and/or uninstall tools that automatically decrypt PGP-encrypted email.

For a detailed discussion of the vulnerability and how to minimize the risk it entails, see Erica Portnoy, Danny O’Brien, and Nate Cardozo, “Not So Pretty: What You Need to Know About E-Fail and the PGP Flaw” (EFF, 14 May 2018).

Until the flaws described in the paper are more widely understood and fixed, users should arrange for the use of alternative end-to-end secure channels, such as Signal, and temporarily stop sending and especially reading PGP-encrypted email.

Users should refer to these guides on how to temporarily disable PGPplug-ins in:

Thunderbird with Enigmail

Apple Mail with GPGTools

Outlook with Gpg4win

EFF notes that these steps are intended as a temporary, conservative stopgap until the immediate risk of the exploit has passed and been mitigated against by the wider community.

Share This Article...


Emigrate While You Still Can! Learn more...


PLEASE DISABLE AD BLOCKER TO VIEW DISQUS COMMENTS

Ad Blocking software disables some of the functionality of our website, including our comments section for some browsers.





SIGN UP TO GET BLACKLISTED NEWS DELIVERED RIGHT TO YOUR INBOX

Enter your email address:





More Blacklisted News...

Blacklisted Radio
Blacklisted Nation
On Patreon
On Twitter
On Reddit
On Facebook
Blacklisted Radio:
Republic Broadcasting
Podcasts on Youtube
Podcasts on Demand
On Iheart Radio
On Spreaker
On Stitcher
On iTunes
On Tunein

Our IP Address:
198.245.55.242

Sponsors:
good
longboard
brands


Advertise Here...





BlackListed News 2006-2018