The Electronic Frontier Foundation (EFF) has announced that it has confirmed some security blanks that reveal PGP encrypted email contents. EFF said in a release that users should uninstall PGP until security gaps are corrected.
Our advice, which reflects that of the researchers, is to immediately deactivate tools that automatically decrypt encrypted emails.
Until the defects described in the document are understood and defined more broadly, you should use security alternatives such as Signal and temporarily stop sending and reading encrypted messages with PGP.
In a tweet, EFF specifically warned users not to decrypt messages they use to encrypt PGP in mail applications.
All the technical details about the defect will be released on Tuesday. One of the researchers who discovered it exploit announced in a tweet that there are no reliable fixes for this particular vulnerability.
Meanwhile, EFF has created guides to disable PGP in Outlook, Thunderbird, Enigmail and Apple Mail.
GnuPG's Werner Koch said the warnings were "excessive" and that the EFF had not contacted GnuPG.
“They claim that mail customers that did not controln correctly for decryption errors carry the risk of serving malicious links in HTML messages, so the vulnerability is in the mail clients and not the protocols," the tweet of GnuPG.
Enigmail's Robert Hansen said the EFF publication: "We are not worried in the slightest."
Let's mention that the EFF is not used to us falses alarms. Until the vulnerability, or vulnerabilities are announced, it would be good to be very careful especially if you are using one email client of those we mentioned above.
For more details, read the EFF publication.
PGP Disabling Guides
___________________
- IBM Deep Learning as a Service: Train your AI
- WebStresser: Europol closed the world's largest DDoS service
- Facebook: We have the social network that we deserve
Therefore (and for many other reasons) in the present period, the use of proton mail is imperative.
Note that, sending - receiving secure mail makes sense ONLY when done by proto mail 2 proton mail, as if sent from proton to gmail etc,… papala the encryption and security of communications.
Therefore (and for many other reasons) in the present period, the use of proton mail is imperative.
Note that, sending - receiving secure mail makes sense ONLY when done by proto mail 2 proton mail, as if sent from proton to gmail etc,… papala the encryption and security of communications.