Privacy: Major Flaw Found in Secure Email Tech PGP (Pretty Good Privacy) and S/MIME
From the BBC:
PGP (Pretty Good Privacy) is a data encryption method sometimes added to programs that send and receive email.
Details about the vulnerability were released by the Suddeutsche Zeitung newspaper prior to a scheduled embargo.
Previously, the Electronic Frontier Foundation (EFF) had advised immediately disabling email tools that automatically decrypted PGP.
Read the Complete Article
See Also: Critical PGP and S/MIME bugs can reveal encrypted emails—uninstall now [Updated] (via ars technica)
Additional Resources
Not So Pretty: What You Need to Know About E-Fail and the PGP Flaw (via EFF)
Attention PGP Users: New Vulnerabilities Require You To Take Action Now (via EFF)
EFAIL Website
From group that discovered vulnerability.
EFAIL describes vulnerabilities in the end-to-end encryption technologies OpenPGP and S/MIME that leak the plaintext of encrypted emails.
Filed under: Data Files, News, Patrons and Users
About Gary Price
Gary Price (gprice@gmail.com) is a librarian, writer, consultant, and frequent conference speaker based in the Washington D.C. metro area. He earned his MLIS degree from Wayne State University in Detroit. Price has won several awards including the SLA Innovations in Technology Award and Alumnus of the Year from the Wayne St. University Library and Information Science Program. From 2006-2009 he was Director of Online Information Services at Ask.com.