Critical PGP & S/MIME Bugs Can Decrypt Plain Text From Emails
technology

EFAIL: Critical PGP & S/MIME Bugs Can Decrypt Plain Text From Emails

It’s unethical but sadly true.

EFAIL: Critical PGP & S/MIME Bugs Can Decrypt Plain Text From Emails

PGP and S/MIME that every one of us knows as an email encryption methods are very much vulnerable to hacking. And, through the hacking, even an encrypted message can easily be hacked to get the message from the text. The warning has come directly from Sebastian Schinzel, professor of computer security at the Münster University of Applied Sciences. Through the post, he warned, “There are currently no reliable fixes for the vulnerability. If you use PGP/GPG or S/MIME for very sensitive communication, you should disable it in your email client for now.”

Reporting the issue in the blog post in partnership with EFF or Electronic Frontier Foundation along with writing about the same on the twitter, Sebastian Schinzel wrote, “EFF has been in communication with the research team, and can confirm that these vulnerabilities pose an immediate risk to those using these tools for email communication, including the potential exposure of the contents of past messages.” 

Both Schinzel and the EFF blog post talked about the issues, the measures that could be taken and the vulnerabilities that come along with the threat and advised to uninstall plugins like Thunderbird, Outlook, and Mac OS mail. The instruction advises disabling PGP integration in e-mail clients." Interestingly, there's no advice to remove PGP apps such as Gpg4win or GNU Privacy Guard. Once the plugin tools are removed from Thunderbird, Mail, or Outlook, the EFF post said, "your emails will not be automatically decrypted."

On the similar issues, EFF went ahead on Twitter to announce, "do not decrypt encrypted PGP messages that you receive using your email client." 

 

 

As it is a very new and something of its kind of issues, there is limited information available on the same. However, the twitter message on Schinzel’s news feed used the hashtag #efail, which indicates that researchers will be addressing the issue with the similar hashtag in the upcoming releases. The team of researchers includes some prominent professionals who hold expertise in the subject-matter. The names include Simon Friedberger, Damian Poddebniak, Jens Müller, Jörg Schwenk, Christian Dresen,  juraj somorovsky, and Fabian Ising. Besides Münster University, the researchers also represent Ruhr-University and KU Leuven University.
 

MAD Team
Written By

MobileAppDaily host a team of experienced technical writers, industry wizards, and app experts who have an exact knack of content that caters to the needs of the mobile app targeted audience. We strive to bring you the best of tech!

Top Companies

InMobi
Singapore
Dot Com Infoway
New York, USA
M&C Saatchi Mobile
New York City, USA
Techmagnate
New Delhi, India
Fetch
London, UK
View full report

Latest Articles

Join our global community 135K Followers
technology

Google Fetches Your Location Via Android Devices Even After You Disable The Location Service

MAD Team 4 min read  

How many of you know that the most of the tech companies use the smartphone user’s location information without their concern? Removing the SIM cards and switching off the phone may give you the relaxation of getting off the radar. However, Google uses its Android devices to acquire the locati

technology

How Artificial Intelligence Is Influencing Education

MAD Team 4 min read  

While we slowly include a technology-driven style into all the spheres of our everyday life, it’s obvious that computers, IT and AI have already been helping us not only with household chores but also with other important things.When we hear about technologies – we may immediately im

technology

Oppo Launches Find X With Motorize Camera

MAD Team 4 min read  

The longtime rumored Oppo Find X smartphone finally came out of the shadows today. Oppo will be setting a new trend in the mobile app industry with Find X. In 2018 the smartphone makers were following the trend of incorporating the large screens into a smaller shell using a notch in the display. How

technology

Amazon Key App Updated With Fingerprint Authentication

MAD Team 4 min read  

Amazon Key, the app that kicks off the home-delivery glitches for the courier professions has now been integrated with an added layer of security. The service makes it easy for company’s couriers to access the delivery address to drop off the parcels. Amazon Key app is designed to work with ho