e-mail encryption warning from E.F.F

Chat about just about anything else
Post Reply
Level 6
Level 6
Posts: 1400
Joined: Tue Feb 21, 2017 8:13 pm
Location: Alamogordo, New Mexico, USA

e-mail encryption warning from E.F.F

Post by DAMIEN1307 » Mon May 14, 2018 6:48 am

I cant say that i know anything about the encryption services E.F.F refers to in this article but im posting this article from them for those of you who do know all about this...DAMIEN

https://www.eff.org/deeplinks/2018/05/a ... action-now

User avatar
Level 5
Level 5
Posts: 792
Joined: Sat Jul 19, 2014 12:04 am
Location: Hattiesburg, MS USA

Re: e-mail encryption warning from E.F.F

Post by BenTrabetere » Mon May 14, 2018 1:00 pm

As I understand there is a vulnerability; it involves PGP/GPG, but the problem is with mail clients and HTML emails. (I will never be convinced that HTML email is anything other than a Force of Evil. It is up there with PowerPoint, top-posting, and putting mayonnaise on a hotdog.)

https://lists.gnupg.org/pipermail/gnupg ... 60315.html

They figured out mail clients which don't properly check for decryption errors and also follow links in HTML mails. So the vulnerability is in the mail clients and not in the protocols. In fact OpenPGP is immune if used correctly while S/MIME has no deployed mitigation.

Post Reply

Return to “Open chat”