2018/05/14: Werner Koch statement on EFAIL vulnerabilities concerning OpenPGP and S/MIME encrypted emailRead more
2018/06/13: Blog post on the "SigSpoof". Marcus Brinkmann found this vulnerability that allows spoofing “signed” messages that are not actually signed. This post proves the vulnerability and shows the medias' reactionsRead more
2019/03/12: Swiss Post official press release reacting to the vulnerability found by security researchers during the public intrusion test on their e-voting system.Read more
2018/05/17: Gpg4win statement regarding the EFAIL vulnerabilities and its media coverageRead more
2019/04/05: The Daily Swig article reviewing the controversies surrounding the Swiss Post public intrusion test for their e-voting systemRead more
2018/05/14: Article on the story of the EFAIL vulnerabilities concerning OpenPGP and S/MIME encrypted emailRead more
EFAIL Usenix paper, released (in a draft version) on may 14, 2018 due to embargo break. It describes the EFAIL attacks (technique: malleability gadgets) to reveal plaintext of emails encrypted with S/MIME and OpenPGP.Read more
2018/05/14: Article on the EFAIL vulnerbilities concerning OpenPGP and S/MIME encrypted emailRead more
2018/06/15: Article about the SigSpoof vulnerability which makes it possible for attackers to fake digital signaturesRead more
2018/05/21: Article on who is concerned by the EFAIL vulnerabilities and why email, in general, isn't securedRead more