Categories
security

Vulnerabilities for PGP and emails

A series of vulnerabilities was discovered which affect emails encrypted with PGP and GnuPG, follow @EFF to understand more about this topic.

following a series of tweets from the Electronic Frontier Foundation, I’m reblogging their article to give it even more visibility on a topic that many don’t seem to know, which is email encryption.

A group of researchers has found out and published a series of vulnerabilities affecting the use of PGP for email encryption (you can read more in depth coverage on this topic on the EFF website)

From what I understand the problem is related to those plugins that rely on PGP or GnuPG to automatically decrypt emails. This vulnerability could allow an attacker to read not only an encrypted message but even older messages encrypted with the same key.

while the various vendors are fixing their software EFF recommendation right now is to disable all plugins that allow to decrypt emails automatically and not to decrypt messages inside the mail software but instead, export them and decrypt them offline.

Here you can find a list of good procedures to disable the affected plugins and how to export encrypted emails to be read using offline tools: Pretty Good Procedures for Protecting Your Email

 

Danilo M.

By Danilo M.

Hi, I'm Danilo, I own this website.
I love Linux, I prefer Slackware over every other distribution, I live, eat, breath WordPress. I'm interested in technology in general and I try to write on this blog whenever I find the time..

Enjoy your stay on danix.xyz

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.