A postmortem on Efail
Mirimir
mirimir at riseup.net
Mon May 21 02:43:07 CEST 2018
On 05/19/2018 11:44 PM, Aleksandar Lazic wrote:
> Hi Robert.
>
> On 20/05/2018 02:26, Robert J. Hansen wrote:
>> Writing just for myself -- not for GnuPG and not for Enigmail and
>> definitely not for my employer -- I put together a postmortem on Efail.
>> You may find it worth reading. You may also not. Your mileage will
>> probably vary. :)
>>
>> https://medium.com/@cipherpunk/efail-a-postmortem-4bef2cea4c08
>
> As a long time reader and partly gpg user I would like to thank you for
> the post.
>
>>From my point of view must be something more behind the curtain.
>
> I do not want to create a conspiracy theory but it's wiggy that
> EFF favors *NO* security ,pgp or s/mime, instead to fix the current
> possibilities and promote signal.
I read the EFF warning as a temporary measure, to prevent adversaries
from sending cyphertext, and getting plaintext back. Until these
exploits were blocked. And if necessary, to use Signal in the interim.
<SNIP>
More information about the Gnupg-users
mailing list