vulnerability disclosure

Die wichtigsten Fakten zu Efail (Golem article)

2018/05/22: Article analyzing and answering questions linked to the EFAIL vulnerabilitiesRead more

Sarah Jamie Lewis’s thread releasing vulnerability report in the Swiss Post e-voting system

thread_23.jpg

#EFail - the security industry and the importance of nuance (HackDefense article)

2018(05/14: Article criticizing the handling of the EFAIL vulnerabilities disclosureRead more

EFAIL bundle

Efail: Breaking S/MIME and OpenPGP Email Encryption using Exfiltration Channels (draft 0.9.1)

EFF : Attention PGP Users New Vulnerabilities Require You To Take Action Now (EFF article)

PGP und S/MIME abschalten (Golem article)

Major eFail Vulnerability Exposes PGP Encrypted Email -- UPDATED (Forbes article)

Verschlüsselte E-Mails sind nicht sicher (Süddeutsche article)

Critical Flaws in PGP and S/MIME Tools Can Reveal Encrypted Emails in Plaintext (TheHackerNews article)

Efail or OpenPGP is safer than S/MIME (W. Koch email)

#EFail - the security industry and the importance of nuance (HackDefense article)

Encrypted Email Has a Major, Divisive Flaw (Wired article)

S/MIME artists: EFAIL email app flaws menace PGP-encrypted chats (The Register article)

PGP und S/MIME: E-Mail-Verschlüsselung akut angreifbar (Heise Security article)

No, PGP is not broken, not even with the Efail vulnerabilities (1. Prontomail article)

A unified timeline of Efail PGP disclosure events

Efail: What A Disclosure FAIL That Was! (RBS article)

Statement on Efail research (Gpg4win)

Email Is Dangerous (The Atlantic article)

efail: Outdated Crypto Standards are to blame (Hanno's blog)

Die wichtigsten Fakten zu Efail (Golem article)

What “Efail” Tells Us About Email Vulnerabilities and Disclosure (Lawfare article)

How To Turn PGP Back On As Safely As Possible (EFF article)

HTML MAils have no Security Concept and are to blame (Hanno's blog)

Was the Efail disclosure horribly screwed up? – A Few Thoughts on Cryptographic Engineering (blog post)

Encryption? This time it'll be usable, Thunderbird promises (The Register article)

Sebastian Schinzel Tweet about EFAIL vunlerability

Researchers Find Critical Backdoor in Swiss Online Voting System (Motherboard article)

2019/03/12: Motherboard article about critics concerning Swiss Post e-voting systemRead more

Efail full disclosure (Sebastian Shinzel's Tweet)

180514-schinzels_tweet_full_disclosure.jpg

Tweet

Major eFail Vulnerability Exposes PGP Encrypted Email -- UPDATED (Forbes article)

2018/05/14: Article reviewing the story of the EFAIL vulnerabilities concerning PGP encrypted emailRead more

Critical Flaws in PGP and S/MIME Tools Can Reveal Encrypted Emails in Plaintext (TheHackerNews article)

2018/05/14: Article on the EFAIL vulnerbilities concerning OpenPGP and S/MIME encrypted emailRead more

Federal Chancellery to review evoting

2019/03/29: Federal Chancellery official statement concerning the decision of Swiss Post to suspend their e-voting system after new vulnerabilities have been found during their Public Intrusion Test.Read more

Addendum to How not to prove your election outcome

2019/03/29: extension to How Not To Prove Your Election Outcome by the same team of researchersRead more

S/MIME artists: EFAIL email app flaws menace PGP-encrypted chats (The Register Comments section)

2018/05/14: Comments section under the article of The Register "S/MIME artists: EFAIL email app flaws menace PGP-encrypted chats"Read more

Paypal bug $10K - All Secondary users account takeover leads to unauthorized money transfer from paypal business accounts (blog post)

2019/07/30: Mohd Haji's blog post on one of findings in Paypal. Explanation of the vulnerability he found and the steps he took.Read more