Yikes, EFF warning of PGP vulnerability - action required
Just repeating this warning from EFF. They're suggesting temporarily disabling auto-decryption of PGP-encrypted mail pending the full vulnerability announcement.
"A group of European security researchers have released a warning about a set of vulnerabilities affecting users of PGP and S/MIME. EFF has been in communication with the research team, and can confirm that these vulnerabilities pose an immediate risk to those using these tools for email communication, including the potential exposure of the contents of past messages."
https://www.eff.org/deeplinks/2018/05/attention-pgp-users-new-vulnerabilities-require-you-take-action-now
unsigned_nerd, unsigned_nerd shared this.
I was never keen on email clients executing javascript that turns up in email by default
that always looked dangerous
This press release from gpg has relevant informations
https://lists.gnupg.org/pipermail/gnupg-users/2018-May/060334.html
(sorry if it has already been posted and was lost in the client-glitch repeated comments)
Thanks Elena, I hadn't had a chance to look into the the reality of issue. This is a helpful article.