OpenPGP

Enigmail verschickt Krypto-Mails im Klartext (heise security article)

2018/10/03: Heise security article on the Enigmail bug under WindowsRead more

Modelling an abuse-resistant OpenPGP keyserver, Daniel Kahn Gillmor, OpenPGP Mailing List, 2019/04/04

2019/04/04: Email sent to the OpenPGP and SKS mailing list about the problems faced by the keyserver and proposing what could be solutionsRead more

Was the Efail disclosure horribly screwed up? – A Few Thoughts on Cryptographic Engineering (blog post)

2018/05/17: Matthew Green thoughts on the EFAIL vulnerabilities disclosure, its handling and the future of PGPRead more

6/12/2016 - Filippo Valsorda: "I'm giving up on PGP"

2016/12/06: 

Filippo Valsorda's post on the reasons why he decided to dive up on PGP. Among these reasons, we find the lack of people actually using PGP, the usability of the software programs, and, above all, the security of the long term key.
[QUotation style:] "The more
...Read more
What's the matter with PGP? (Matthew Green blog post)

2014/08/13: Green's criticisms towards OpenPGPRead more

EFAIL bundle

Efail: Breaking S/MIME and OpenPGP Email Encryption using Exfiltration Channels (draft 0.9.1)
EFF : Attention PGP Users New Vulnerabilities Require You To Take Action Now (EFF article)
PGP und S/MIME abschalten (Golem article)
Major eFail Vulnerability Exposes PGP Encrypted Email -- UPDATED (Forbes article)
Verschlüsselte E-Mails sind nicht sicher (Süddeutsche article)
Critical Flaws in PGP and S/MIME Tools Can Reveal Encrypted Emails in Plaintext (TheHackerNews article)
Efail or OpenPGP is safer than S/MIME (W. Koch email)
#EFail - the security industry and the importance of nuance (HackDefense article)
Encrypted Email Has a Major, Divisive Flaw (Wired article)
S/MIME artists: EFAIL email app flaws menace PGP-encrypted chats (The Register article)
PGP und S/MIME: E-Mail-Verschlüsselung akut angreifbar (Heise Security article)
No, PGP is not broken, not even with the Efail vulnerabilities (1. Prontomail article)
A unified timeline of Efail PGP disclosure events
Efail: What A Disclosure FAIL That Was! (RBS article)
Statement on Efail research (Gpg4win)
Email Is Dangerous (The Atlantic article)
efail: Outdated Crypto Standards are to blame (Hanno's blog)
Die wichtigsten Fakten zu Efail (Golem article)
What “Efail” Tells Us About Email Vulnerabilities and Disclosure (Lawfare article)
How To Turn PGP Back On As Safely As Possible (EFF article)
HTML MAils have no Security Concept and are to blame (Hanno's blog)
Was the Efail disclosure horribly screwed up? – A Few Thoughts on Cryptographic Engineering (blog post)
Encryption? This time it'll be usable, Thunderbird promises (The Register article)
Sebastian Schinzel Tweet about EFAIL vunlerability
HTML MAils have no Security Concept and are to blame (Hanno's blog)

2018/06: Hanno Böck's toughts and opinions on HTML mails and its roles in the EFAIL vulnerabilitiyRead more

The PGP Problem (Latacora blog post)

2019/07/16:

The aim of this article is very clear right from the start: to convince the readers not to use PGP. The first paragraph set the pace:

Cryptography engineers have been tearing their hair out over PGP's de ciencies for (literally) decades.

...Read more

openpgp-wg/rfc4880bis repository on gitlab

https://gitlab.com/openpgp-wg/rfc4880bis

Sebastian Schinzel Tweet about EFAIL vunlerability

ENIGMAIL/P≡P: Current release for Windows is faulty (Blog post)

2018/10/03: PEP foundation blog post on Enigmail/p≡p faulty update for Windows and updates about the solutionsRead more

Critical PGP and S/MIME bugs can reveal encrypted emails—uninstall now (ARS TECHNICA, screenshot)

Subscribe to OpenPGP
Need help with PECE?
Join the PECE Slack channel