EFail - OpenPGP S/MIME Vulnerability
juan
juan.g71 at gmail.com
Wed May 16 18:05:18 PDT 2018
On Wed, 16 May 2018 01:52:12 -0400
Steve Kinney <admin at pilobilus.net> wrote:
>
>
> On 05/14/2018 01:48 PM, grarpamp wrote:
>
> > The EFAIL attacks break PGP and S/MIME email encryption by coercing
> > clients into sending the full plaintext of the emails to the
> > attacker.
>
> Werner & Co. respond:
>
> https://lists.gnupg.org/pipermail/gnupg-users/2018-May/060334.html
>
> Spoiler: If your e-mail client software is not borken and
> malconfigured, this is Not A Thing.
it doesn't have to be broken as far as I can tell. The trick to
get your client to decrypt a message and send the plaintext
conforms to the 'mime' protocol garbage.
It's a FEATURE not a bug!! =P
>
> If it is, you lost the game a long time ago because don't know
> anything about the rules, the board, the pieces or the objective.
>
> :o/
>
>
>
>
>
More information about the cypherpunks
mailing list