sylvi Annotations

What were the critics about the EFAIL disclosure?

Thursday, November 28, 2019 - 1:20pm

The rough reaction to the public announcement of EFAIL unfolded several dimensions.

  • Some people claimed that this series of vulnerabilities was nothing new because email encryption was dead for years because the protocols use old cryptographic schemes.
  • Others were accusing the researchers of putting journalists and political activists at risk by announcing an unpatched vulnerability on protocols they use and need without giving usable solutions.
  • There were also many critics about the fact that the researchers gave the vulnerability a name, a website and even a logo, which is certainly useful to publicize the findings but does no good to the security, according to these critical voices.
  • There were also more neutral reactions that commented the challenges of such a disclosure.

Debates raged for nearly two weeks in the several online platforms we tracked before slowly fading away.

Creative Commons Licence