Attention PGP Users: New Vulnerabilities Require You To Take Action Now - 2 views
-
marliesarnhof on 14 May 18no cutting-edge space-related science, but important anyways
-
benjaminroussel on 15 May 18The EFF communicate is actually quite inaccurate. This is disappointing from the EFF, though for some part, it is due to the communication from the researchers who "discovered" the attack. PGP itself is not broken, but rather some implementations on some email clients (notably Enigmail, though it was patched several months ago). See https://protonmail.com/blog/pgp-vulnerability-efail/ On the other hand, if you are very keen on security, there is an XSS attack reported on Signal, so… https://thehackernews.com/2018/05/signal-messenger-code-injection.html The *good* recommendation here is actually rather to keep your software stack up to date (surprising, no?) and keep encrypting your emails.