Johnny-You-Are-Fired
Patrick Brunschwig
patrick at enigmail.net
Fri May 17 17:40:18 CEST 2019
On 16.05.2019 21:27, Stefan Claas wrote:
> Am Thu, 16 May 2019 18:11:27 +0200
> schrieb Patrick Brunschwig <patrick at enigmail.net>:
>
>> On 15.05.2019 17:17, Stefan Claas wrote:
>>> Hi all,
>>>
>>> I have read this in German News and wonder why
>>> MUAs in 2019 are still vulnerable?
>>>
>>> https://github.com/RUB-NDS/Johnny-You-Are-Fired/
>>
>> This is mostly a summary of the various failures that were discovered
>> with EFAIL and shortly thereafter. Most MUAs have been fixed against
>> these attacks by now.
>
> Are you sure? I remember Efail. Why would the BSI and press publish
> then such things recently? I would assume that no one is interested
> in old news or summaries regarding Efail.
I can only speak for Enigmail (and to some degree for Thunderbird).
The errors described where Enigmail is mentioned/affected were all
discovered last spring/summer (i.e. shortly after EFAIL), and were
addressed last year.
-Patrick
More information about the Gnupg-users
mailing list