Slashdot Mirror
Attention PGP Users: New Vulnerabilities Require You To Take Action Now (eff.org)
A group of European security researchers have released a warning about a set of vulnerabilities affecting users of PGP and S/MIME. From a report: EFF has been in communication with the research team, and can confirm that these vulnerabilities pose an immediate risk to those using these tools for email communication, including the potential exposure of the contents of past messages. The full details will be published in a paper on Tuesday at 07:00 AM UTC (3:00 AM Eastern, midnight Pacific).
In order to reduce the short-term risk, we and the researchers have agreed to warn the wider PGP user community in advance of its full publication. Our advice, which mirrors that of the researchers, is to immediately disable and/or uninstall tools that automatically decrypt PGP-encrypted email. Until the flaws described in the paper are more widely understood and fixed, users should arrange for the use of alternative end-to-end secure channels, such as Signal, and temporarily stop sending and especially reading PGP-encrypted email. Further reading: People Are Freaking Out That PGP Is 'Broken' -- But You Shouldn't Be Using It Anyway (Motherboard).
In order to reduce the short-term risk, we and the researchers have agreed to warn the wider PGP user community in advance of its full publication. Our advice, which mirrors that of the researchers, is to immediately disable and/or uninstall tools that automatically decrypt PGP-encrypted email. Until the flaws described in the paper are more widely understood and fixed, users should arrange for the use of alternative end-to-end secure channels, such as Signal, and temporarily stop sending and especially reading PGP-encrypted email. Further reading: People Are Freaking Out That PGP Is 'Broken' -- But You Shouldn't Be Using It Anyway (Motherboard).
The key word was *automatically* – although it is not always clear in the press what you are supposed to do. So confusion will abound. No surprise there.
In the end, you can still use PGP, but you have to do more work to be safe. I think, if you understand how to use PGP to begin with, you can probably help yourself for now. If not, well ....
In your terms: keep your locks. But disable the remote locking feature (take the battery out) and don't use your app to lock your house - use your good old key you stored away in a box a long time ago. Yes, you will have to do actual work. And yes, someone can still break in - probably through the window. Or by kicking in the door ...
Do your own thing. And overdo it!
I'm no security expert, but allowing HTML mail to arbitrarily download embedded graphics in a mail client is just dumb. From my reading of the articles, doing that doesn't disable the problem, but keeps the information from escaping back to the malicious parties. This is a mail client problem triggering PGP to decrypt, then allowing the information to escape through embedded graphics, not a fundamental problem in PGP itself. Turning off HTML mail support at the client and just taking the text representation of the message looks like it completely defeats the hack. Tell me if I'm wrong.
The kicker is, you can't control what your correspondent does with his email client, so any encrypted messages you have sent could be compromised in this way. But that was always the case since you would rely on the recipient to safeguard the keys anyway.
This posting is provided 'AS IS' without warranty of any kind, implied or otherwise.
This could be misunderstood -- the whole point of the attack is that the attacker changes a non-HTML email into an HTML one. If your mail client doesn't support HTML (or displays the formatting but doesn't fetch anything) then you're fine.
This isn't correct.
There are two bugs. One is a sort of braindead one which only affects a small number of clients (including Thunderbird and Apple Mail), and has nothing to do with PGP or SMIME.
The other one is more serious, and does have to do with SMIME and PGP. Basically, if an attacker has a copy of an email which is encrypted but not signed, and knows what some of the plaintext is exactly, she can splice out those bits and put in other bits. And basically all e-mails contain things like Content-type: text/plain. So, an attacker can modify that to Content-type: text/html\n\n <img src=.
Regarding this bug, the website says:
I agree that it's a bug for MUAs to automatically download external content in encrypted emails. But it's a much more understandable bug to make.
TCP: Why the Internet is full of SYN.
Nobody said open source is a panacea to make software secure, bit it *is* a prerequisite for a user to verify that a piece of software is secure. It's like politicians that don't reveal their tax returns: those that don't do it aren't necessarily crooked, and those that do aren't necessarily honest. But one of the criteria for being certain that they're honest is to be able to audit those returns.