security vulnerability

Statement on Efail research (Gpg4win)

2018/05/17: Gpg4win statement regarding the EFAIL vulnerabilities and its media coverageRead more

Trojan Source: Invisible Vulnerabilities (Boucher and Anderson article)

2021/10/30 : Nicholas Boucher and Ross Anderson "present a new type of attack in which source code is maliciously encoded so that it appears different to a compiler and to the human eye." This new threat has been called 'Trojan Source'.

Read more

Reaction to SwissPost announcement of their source code correction (tweets)

Sarah Jamie Lewis' thread on Scytl statements

Trapdoor commitments in the SwissPost e-voting shuffle proof

2019/03/12 : Report of researchers who found a vulnerability in the SwissPost e-voting shuffle. The trapdoor commitment scheme allows an undetectable vote manipulation.

Full version hereRead more

How Not to Prove Your Election Outcome (Vanessa Teague presentation)

Email Is Dangerous (The Atlantic article)

2018/05/21: Article on who is concerned by the EFAIL vulnerabilities and why email, in general, isn't securedRead more

Sarah Jamie Lewis' thread reacting to Scytl's first statement about Swiss Post e-voting system

Efail: What A Disclosure FAIL That Was! (RBS article)

2018/05/16: Article criticizing the handling of the EFAIL vulnerabilities disclosureRead more

PGP und S/MIME: E-Mail-Verschlüsselung akut angreifbar (Heise Security article)

2018/05/14: Article on the EFAIL vulnerabilities concerning OpenPGP and S/MIME encrypted emailRead more

Encrypted Email Has a Major, Divisive Flaw (Wired article)

2018/05/14: Article on the story of the EFAIL vulnerabilities concerning OpenPGP and S/MIME encrypted emailRead more

Efail or OpenPGP is safer than S/MIME (W. Koch email)

2018/05/14: Werner Koch statement on EFAIL vulnerabilities concerning OpenPGP and S/MIME encrypted emailRead more

Subscribe to security vulnerability
Need help with PECE?
Join the PECE Slack channel