On 05/14/2018 02:45 PM, mossy wrote: > embargo broken early, attack/vulnerability details here -- > https://efail.de/ > > (and yes it seems like disabling HTML will mitigate the most > reliable/least complex attacks)
Incidentally, the GnuPG press release, that raises the point that the paper may not be totally correct: https://lists.gnupg.org/pipermail/gnupg-users/2018-May/060334.html Also if I understand correctly the latest exchanges from the GnuPG ML, Enigmail 2.0 is safe from attack except for 3DES ciphertext, so the attack could there only turn enigmail as a 3DES-ciphertext-decrypting oracle. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/e69a90c3-0c95-2ece-a356-d2e860b74276%40leo.gaspard.ninja. For more options, visit https://groups.google.com/d/optout.
