vulnerability disclosure

No, PGP is not broken, not even with the Efail vulnerabilities (1. Prontomail article)

2018/05/15: Article going through why PGP isn't "broken" even though vulnerabilities have been found in it. 

Reaction to this article available here : more

Encrypted Email Has a Major, Divisive Flaw (Wired article)

2018/05/14: Article on the story of the EFAIL vulnerabilities concerning OpenPGP and S/MIME encrypted emailRead more

#EFail - the security industry and the importance of nuance (HackDefense article)

2018(05/14: Article criticizing the handling of the EFAIL vulnerabilities disclosureRead more

S/MIME artists: EFAIL email app flaws menace PGP-encrypted chats (The Register article)

2018/05/14: Article describing the EFAIL vulnerabilities concerning OpenPGP and S/MIME encrypted emailRead more

EFF : Attention PGP Users New Vulnerabilities Require You To Take Action Now (EFF article)

2018/05/14: EFF statement regarding the newly disclosed vulnerabilities affecting PGP and S/MIME usersRead more

Efail or OpenPGP is safer than S/MIME (W. Koch email)

2018/05/14: Werner Koch statement on EFAIL vulnerabilities concerning OpenPGP and S/MIME encrypted emailRead more

Ballot box not hacked, errors in the source code – Swiss Post temporarily suspends its e-voting system

2019/03/29 : Swiss Post official press release on their decision to put on hold their e-voting system due to the recent disclosure of vulnerabilities in their source code. Followed by facts and figures on the public intrusion test on the e-voting system.Read more

PGP und S/MIME abschalten (Golem article)

2018/05/14: Article on the disclosed vulnerabilities in OpenPGP and S/MIMERead more

"Ceci n’est pas une preuve : The use of trapdoor commitments in Bayer-Groth proofs and the implications for the verifiabilty of the Scytl-SwissPost Internet voting system"

2019/03/12: Report of researchers who found a vulnerability in the SwissPost e-voting shuffle. The trapdoor commitment scheme allows an undetectable vote manipulation. Two examples are shown in the report

Brief Summary hereRead more

PGP: Encryption Program Used by Edward Snowden 'Can Leak Secret Messages' (Newsweek article)

2018/05/14: Newsweek article about EFAIL disclosure.

This article is interesting as it makes the link between the EFAIL disclosure and the emblematic figure of digital rights activist Edward Snowden:

PGP, which is used to scramble the content of sensitive messages and

...Read more
Subscribe to vulnerability disclosure