Efail

Encrypted Email Has a Major, Divisive Flaw (Wired article)

2018/05/14: Article on the story of the EFAIL vulnerabilities concerning OpenPGP and S/MIME encrypted emailRead more

efail: Outdated Crypto Standards are to blame (Hanno's blog)

2018/05/22: Hanno Böck's thoughts and opinion about the EFAIL vulnerability, OpenPGP and S/MIME,Read more

Efail: Welche E-Mail-Clients sind wie sicher? (Heise article)

2018/05/23 an article published in Heise some days after EFAIL public disclosure. It discusses the status of some fixes in email clients.Read more

PGP und S/MIME: So funktioniert Efail (Heise article)

2018/05/14: Heise Security article explaining how EFAIL worksRead more

Kommentar: Efail ist ein EFFail (Heise article)

2018/5/16 - two days after the public disclosure, Heise published a commentary about the disclosure process.

PGP ist nicht kaputt. Wenn man allerdings große Teile der Berichterstattung über die Efail-Lücken verfolgt hat, könnte man zu diesem Schluss

...Read more
Efail: What A Disclosure FAIL That Was! (RBS article)

2018/05/16: Article criticizing the handling of the EFAIL vulnerabilities disclosureRead more

Major eFail Vulnerability Exposes PGP Encrypted Email -- UPDATED (Forbes article)

2018/05/14: Article reviewing the story of the EFAIL vulnerabilities concerning PGP encrypted emailRead more

EFAIL bundle

Efail: Breaking S/MIME and OpenPGP Email Encryption using Exfiltration Channels

EFAIL Usenix paper, released (in a draft version) on may 14, 2018 due to embargo break. It describes the EFAIL attacks (technique: malleability gadgets) to reveal plaintext of emails encrypted with S/MIME and OpenPGP.Read more

Subscribe to Efail