mossy: >>> On 05/14/2018 10:33 AM, [email protected] wrote: >>> I know that right now details are sketchy but the advice of disabling >>> PGP is sound at least until we get to know more information, especially >>> since it's coming from reputable researchers and the EFF (links below >>> but I guess everybody here already knows about that), so obviously that >>> there is ground for worry. >>> >>> Do any of the Qubes users or devs know more at present about this >>> issue or have advice to provide, aside from waiting for the publication >>> of the research paper tomorrow morning (15th of May) and stopping using >>> Split-GPG for the time being as a precaution? >>> >>> >>> https://www.eff.org/deeplinks/2018/05/attention-pgp-users-new-vulnerabilities-require-you-take-action-now >>> >>> >>> https://arstechnica.com/information-technology/2018/05/critical-pgp-and-smime-bugs-can-reveal-encrypted-e-mails-uninstall-now/ >>> >>> Thanks. >> 'Leo Gaspard' via qubes-users: >> I can't tell for sure for not having read the paper, but it sounds like >> too much hype for vulnerabilities not so important: >> >> https://lists.gnupg.org/pipermail/gnupg-users/2018-May/060317.html >> >> https://lists.gnupg.org/pipermail/gnupg-users/2018-May/060315.html >> (Werner being the maintainer of GnuPG) >> >> So I wouldn't worry about (but why not disable automatic >> decryption/verification of incoming emails in the meantime, doesn't cost >> much) >> >> > > I would expect that if indeed this bug allows exfiltration of PGP > private keys, then qubes-splt-gpg would defend against this. Unless "an > oracle" does something magical that doesn't steal the PGP private key > directly (see below). > > For our friends/colleagues/comrades who are especially concerned or who > are not yet qubes or qubes-split-gpg users, if HTML is the problem (as > Werner suggests) I suggest to mitigate as follows: > > in the Thunderbird menu: > 1) View -> Message Body As > [*] Plain Text > 2) View -> [ ] Display Attachments Inline [should be NOT selected] > > As I understand it, this works because split gpg doesn't expose private > keys to the mail client but instead sends encrypted emails to the vault > qube/AppVM for decryption. > > My question for more knowledgeable friends here would be, what is meant > in Werner's message -- > https://lists.gnupg.org/pipermail/gnupg-users/2018-May/060315.html -- by > "an oracle for modified encrypted mails"? My understanding of PGP is > that PGP/GPG encrypts/decrypts a short-lived symmetric key that is > actually used to encrypt/decrypt the message, so analysis of both the > plaintext and ciphertext of a single message would (at best, if this > were feasible) give you insight into the symmetric key, and not the PGP > private key itself. > > But someone who understands more deeply, please enlighten us! > > -m0ssy >
embargo broken early, attack/vulnerability details here -- https://efail.de/ (and yes it seems like disabling HTML will mitigate the most reliable/least complex attacks) -m0ssy -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/881eb105-f4ce-10c7-8c63-a066d505d4ac%40riseup.net. For more options, visit https://groups.google.com/d/optout.
