Critical PGP & S/MIME Bugs Can Decrypt Plain Text From Emails
technology

EFAIL: Critical PGP & S/MIME Bugs Can Decrypt Plain Text From Emails

It’s unethical but sadly true.

https://dk2dyle8k4h9a.cloudfront.net/EFAIL: Critical PGP & S/MIME Bugs Can Decrypt Plain Text From Emails

PGP and S/MIME that every one of us knows as an email encryption methods are very much vulnerable to hacking. And, through the hacking, even an encrypted message can easily be hacked to get the message from the text. The warning has come directly from Sebastian Schinzel, professor of computer security at the Münster University of Applied Sciences. Through the post, he warned, “There are currently no reliable fixes for the vulnerability. If you use PGP/GPG or S/MIME for very sensitive communication, you should disable it in your email client for now.”

Reporting the issue in the blog post in partnership with EFF or Electronic Frontier Foundation along with writing about the same on the twitter, Sebastian Schinzel wrote, “EFF has been in communication with the research team, and can confirm that these vulnerabilities pose an immediate risk to those using these tools for email communication, including the potential exposure of the contents of past messages.” 

Both Schinzel and the EFF blog post talked about the issues, the measures that could be taken and the vulnerabilities that come along with the threat and advised to uninstall plugins like Thunderbird, Outlook, and Mac OS mail. The instruction advises disabling PGP integration in e-mail clients." Interestingly, there's no advice to remove PGP apps such as Gpg4win or GNU Privacy Guard. Once the plugin tools are removed from Thunderbird, Mail, or Outlook, the EFF post said, "your emails will not be automatically decrypted."

On the similar issues, EFF went ahead on Twitter to announce, "do not decrypt encrypted PGP messages that you receive using your email client." 

 

 

As it is a very new and something of its kind of issues, there is limited information available on the same. However, the twitter message on Schinzel’s news feed used the hashtag #efail, which indicates that researchers will be addressing the issue with the similar hashtag in the upcoming releases. The team of researchers includes some prominent professionals who hold expertise in the subject-matter. The names include Simon Friedberger, Damian Poddebniak, Jens Müller, Jörg Schwenk, Christian Dresen,  juraj somorovsky, and Fabian Ising. Besides Münster University, the researchers also represent Ruhr-University and KU Leuven University.
 

Neha Baluni
Written By Neha Baluni

Being a Senior Technical Writer at MobileAppDaily, Neha Baluni loves jotting down her piece of opinion for the advancing technology in mobile app world. Having a journalism background, she is a writer by day and a reader by night. Her passion for writing covers different categories of technical and non-technical genre. In addition to writing, Neha loves traveling a lot.

Top Companies

InMobi
Singapore
Dot Com Infoway
New York, USA
M&C Saatchi Mobile
New York City, USA
Techmagnate
New Delhi, India
Fetch
London, UK
View full report

Latest Articles

Join our global community 135K Followers
technology

Today

Joshua Anderson 4 min read  

Smartphones have changed the world and our life in every aspect. There was a time when for a single task we need to plug in our computers and spend a lot of time to get it done, but now smartphones have changed everything around us. Whether it is social media, news, professional work and internet ac

technology

Ahead of WWDC, Apple Introduces iOS 12 With Memoji And Smart Camera

Neha Baluni 4 min read  

Following an event closely has the benefits of its own. You don’t need to turn back the pages. And, that saves the time and allows you to remain abreast to the latest commotion happening around. If you are still clueless, let me spill the beans, I am talking none other than the introduction of

technology

The Top 5 Leading Ladies in Tech World You Should be Following

Joshua Anderson 4 min read  

The world is transforming at a very high rate and everything is changing with the pace that may be in years we will witness an entirely new era. Along with the technology, the position and role of the women in today’s world are also evolved with the time. Not so far from now just a couple of y

technology

Google Won't Let Employees To Post Negative Reviews About Businesses

Akash Singh Chauhan 4 min read  

Google has updated the guidelines of its business tool that helps the users to know about any business or company using the search engine. According to the changes now, no employee can post the negative reviews for its current or former employer. The business tool that delivers the information about