LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Non-*NIX Forums > General
User Name
Password
General This forum is for non-technical general discussion which can include both Linux and non-Linux topics. Have fun!

Notices


Reply
  Search this Thread
Old 05-14-2018, 05:48 PM   #1
Habitual
LQ 5k Club
 
Registered: Jan 2011
Location: Yawnstown, Ohio
Distribution: High Sierra
Posts: 8,895
Blog Entries: 28

Rep: Reputation: Disabled
PGP Vulnerability Pre-announced By Security Researcher


Ouch.
https://hackaday.com/2018/05/14/pgp-...ty-researcher/
 
Old 05-14-2018, 07:31 PM   #2
ntubski
Senior Member
 
Registered: Nov 2005
Distribution: Debian, Arch
Posts: 3,339

Rep: Reputation: 1501Reputation: 1501Reputation: 1501Reputation: 1501Reputation: 1501Reputation: 1501Reputation: 1501Reputation: 1501Reputation: 1501Reputation: 1501Reputation: 1501
https://lists.gnupg.org/pipermail/gn...ay/060334.html


Quote:
An Official Statement on New Claimed Vulnerabilities
== ======== ========= == === ======= ===============
by the GnuPG and Gpg4Win teams

(This statement is only about the susceptibility of OpenPGP, GnuPG, and
Gpg4Win. It does not cover S/MIME.)

Recently some security researchers published a paper named "Efail:
Breaking S/MIME and OpenPGP Encryption using Exfiltration Channels".
The EFF has gone so far as to recommend immediately uninstalling
Enigmail. We have three things to say, and then we're going to show you
why we're right.

1. This paper is misnamed.

2. This attack targets buggy email clients.

3. The authors made a list of buggy email clients.

[...]


The authors have done the community a good service by cataloguing buggy
email email clients. We're grateful to them for that. We do wish,
though, this thing had been handled with a little less hype. A whole
lot of people got scared, and over very little.
 
Old 05-14-2018, 08:35 PM   #3
frankbell
LQ Guru
 
Registered: Jan 2006
Location: Virginia, USA
Distribution: Slackware, Debian, Mageia, and whatever VMs I happen to be playing with
Posts: 13,472
Blog Entries: 18

Rep: Reputation: 3550Reputation: 3550Reputation: 3550Reputation: 3550Reputation: 3550Reputation: 3550Reputation: 3550Reputation: 3550Reputation: 3550Reputation: 3550Reputation: 3550
From Bruce Schneier: https://www.schneier.com/blog/archiv...s_on_a_ne.html
 
Old 05-15-2018, 04:18 PM   #4
Habitual
LQ 5k Club
 
Registered: Jan 2011
Location: Yawnstown, Ohio
Distribution: High Sierra
Posts: 8,895
Blog Entries: 28

Original Poster
Rep: Reputation: Disabled
Like who's gonna second guess Phil Zimmerman's code?
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
LXer: Researcher unveils second Samsung Pay vulnerability LXer Syndicated Linux News 0 10-19-2016 03:12 PM
LXer: Security researcher arrested for disclosing US election website vulnerabilities LXer Syndicated Linux News 0 05-10-2016 02:46 AM
AirTight Security Researcher Uncovers Wi-Fi Vulnerability in WPA2 win32sux Linux - Security 5 08-03-2010 01:52 AM
LXer: Security Researcher to release Cisco rootkit at EUSecWest LXer Syndicated Linux News 0 05-16-2008 11:50 AM

LinuxQuestions.org > Forums > Non-*NIX Forums > General

All times are GMT -5. The time now is 08:28 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration