Repo with test cases for covert content attacks

Stefan Claas sac at
Mon Aug 12 17:47:44 CEST 2019

Sebastian Schinzel wrote:

> Dear all,
> Jens Müller just gave a talk at DEFCON about Covert Content Attacks
> against S/MIME and OpenPGP encryption and digital signatures in the
> email context. He just published the PoC emails that he used in the talk
> and they might be useful for further testing.
> This is the paper describing the attacks from April 2019:

Thanks for the info. I do no longer use a GPG plug-in MUA
combination, but are these 'Johnny you are fired' issues 
already been resolved? I must admit I am a bit out of the


box: 4a64758de9e8ceded2c481ee526440687fe2f3a828e3a813f87753ad30847b56
GPG: C93E252DFB3B4DB7EAEB846AD8D464B35E12AB77 (avail. on Hagrid, WKD)

More information about the Gnupg-users mailing list