[Cryptography] FW: [13 Principles] An important urgent notice from EFF regarding PGP and S/MIME communications.
Natanael
natanael.l at gmail.com
Mon May 14 18:10:27 EDT 2018
Den mån 14 maj 2018 21:35Jack Harper <harper at secureoutcomes.net> skrev:
>
> Am I correct that the found PGP flaw appears to only affect
> enciphered e-mail traffic and not files that are enciphered by PGP
> but not mailed?
>
> I use PGP to protect sensitive files on my laptop when traveling etc.
>
It affects all PGP encrypted files accessible to a malicious third party,
when you'll also later open them in a client that don't enforce secure
ciphertext authentication (correct usage of MDC in this case, alternatively
signature validation).
This include evil maid attacks (somebody messing with the files on your
devices as you're away from them), or malicious tampering on cloud hosts by
hackers or rouge employee.
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20180515/ec734758/attachment.html>
More information about the cryptography
mailing list