PGP: 'Serious' flaw found in secure email tech

PGP: 'Serious' flaw found in secure email tech

The attack works by exploiting how email clients read HTML code, researchers said.

The vulnerabilities dubbed EFAIL are harmful as they can reveal the contents of messages in plain text, even for the messages from the past.

German researchers have warned those using a popular form of email encryption that serious flaws mean their messages could be decoded by attackers. On the other hand, S/MIME is used mainly in enterprise infrastructure.

In separate news, the researchers have come up with a new technology that could make hacking impossible.

Schinzel and his team's research has been corroborated by Electronic Frontier Foundation (EFF), and has been described in detail by the researchers in a paper published earlier today. "Having used PGP since 1993, this sounds baaad (sic)", F-Secure's Mikko Hypponenwrote in a tweet.

"Our advice, which mirrors that of the researchers, is to immediately disable and/or uninstall tools that automatically decrypt PGP-encrypted email." an EFF spokesperson advised.

Furthermore, in order to exploit the Efail vulnerability, attackers would need to capture emails and send them to the original recipient for decryption, the researchers said.

Is Dubai still on Uber's radar for flying taxis?
At the most recent conference, Uber also announced an open call for the selection of its first worldwide UberAIR launch city. The ride-sharing company unveiled its latest research and plans at the second annual Uber Elevate Summit this week.

While the requirement that attackers have access to previously sent e-mails is a an extremely high bar, the entire goal of both PGP and S/MIME is to protect users against this possibility. Numerous email clients also support S/MIME - Secure/Multipurpose Internet Mail Extensions - for sending encrypted communications and digitally signing messages.

On the victim's end, the email client first decrypts the second part and then combines all three into one email. But the authors state that they have "disclosed the vulnerabilities to all affected email vendors, and to national CERTs and our findings were confirmed by these bodies". While PGP is today owned by Symantec, an open source implementation called GNU Privacy Guard (GPG) has been widely adopted by the security community in a number of contexts, this is referred to as OpenPGP.

The group of researchers plan to publish their research paper with details about the vulnerability on Tuesday.

"This is bad because the people who use PGP use it for a reason", he told the BBC. You can also disable HTML rendering in your email messages.

The researchers claim that they have disclosed their findings "responsibly" to global computer emergency readiness teams (Certs), GNU PG developers and the affected suppliers, which have applied (or are in the process of applying) countermeasures.

YOUR EMAILS could be vulnerable to interception following a discovery of a major flaw in PGP/S-MIME encryption, far and away the most popular was of protecting emails.

Related Articles

  • Oklahoma State softball makes NCAA Tournament

    Oklahoma State softball makes NCAA Tournament

    The Cougars enter with a 33-12 record and finished runner-up in the Northern Athletic Collegiate Conference (NACC) Tournament. Regional, Drake (43-10) and BYU (35-20) are joined by Albany (30-24) and the No. 1 overall team in the tournament, OR (47-7).
    Karnataka registers 72.13 % turnout, better than last election in 2013

    Karnataka registers 72.13 % turnout, better than last election in 2013

    However, before the formal announcement of the results, several agencies conducted exit polls, predicting the outcome. Karnataka has an electorate of over 4.97 crore, including 2.52 crore men and 2.45 crore women.
    Hamas leader heads to Cairo ahead of Gaza protests

    Hamas leader heads to Cairo ahead of Gaza protests

    Gaza's ruling Hamas movement urged tens of thousands of people to join Monday's protest to coincide with the embassy opening. Fifty-four Palestinians have been killed by Israeli fire since mass protests broke out along the border on March 30.
  • Warriors steal home-court advantage with Game 1 win over Rockets

    Warriors steal home-court advantage with Game 1 win over Rockets

    Harden played inspired, for most of his 35 minutes, finishing with a game-high 41 points and seven assists. They made good shots", he said. "We try to get good shots every time down and defend on the other end".
    Adam Burniston's Forecast | Tracking near record highs for Mother's Day

    Adam Burniston's Forecast | Tracking near record highs for Mother's Day

    It will be hot all weekend with high temperatures around 90° both days, but it will also be windy at times. Mother's Day turned out to be fairly active with showers and storms passing through this afternoon.
    SpaceX delays launch debut of upgraded Falcon rocket

    SpaceX delays launch debut of upgraded Falcon rocket

    Bangabandhu Satellite-1 will be deployed into a geostationary transfer orbit (GTO) approximately 33 minutes after launch. SpaceX is one of two private companies hired by NASA to ferry astronaut crews to the space station.
  • Vasyl Lomachenko KO's Jorge Linares

    Vasyl Lomachenko KO's Jorge Linares

    It's the modern way to want to call someone the greatest, and Lomachenko hasn't even fought 10 full rounds as a lightweight yet. The third saw Linares score with his telling right hooks which has been the main part of his arsenal throughout his career.
    MPC votes 7-2 to hold Bank Rate at 0.5%

    MPC votes 7-2 to hold Bank Rate at 0.5%

    The announcement comes just weeks after observers seemed nearly unanimous in their predictions of a May rise in interest rates. The inflation rates of the most import-intensive components of the CPI appear to have peaked.
    UFC 224 Results: Amanda Nunes stops Raquel Pennington in 5th round

    UFC 224 Results: Amanda Nunes stops Raquel Pennington in 5th round

    Lineker introduced his heavy hands at the midpoint of the first-round when he dropped Kelleher to the canvas with a left hook. Amanda Nunes didn't look like the same fighter who steamrolled Miesha Tate and Ronda Rousey in back-to-back 2016 fights.
  • The 2018 Nobel Prize For Literature Has Been Cancelled

    The 2018 Nobel Prize For Literature Has Been Cancelled

    A debate over how to face up to its flaws also divided its 18 members, who are appointed for life, into hostile camps. The Swedish Academy's annual meeting at the Stock Exchange Building in Stockholm , December 20, 2017.
    Amanda Bobby Cooper: Mackenzie Dern Missing Weight by 7 Pounds 'Incredibly Unprofessional'

    Amanda Bobby Cooper: Mackenzie Dern Missing Weight by 7 Pounds 'Incredibly Unprofessional'

    However, it was not the result that Cooper would have wished for as the jiu-jitsu ace finished her within a matter of minutes. Who would you like to see her fight next? "I'm ashamed of that and I don't want it to happen again ... but it's a mistake".
    Where would this season's Premier League be without Manchester City?

    Where would this season's Premier League be without Manchester City?

    Brighton manager Chris Hughton believes Liverpool have what it takes to challenge for the Premier League title next season. Manchester City have scored at least 3 goals in their last 3 away matches in the Premier League.