Il 4/28/14, 9:25 AM, Fabio Pietrosanti (naif) ha scritto:
Il 11/24/13, 2:19 PM, Fabio Pietrosanti (naif) ha scritto:
I just wanted to notice that the mostly used encryption software like
GnuPG and Enigmail, have some privacy leak that in the XKEYSCORE's ages
could represent a major risk.
a)
) li...@infosecurity.ch
To: liberationtech@lists.stanford.edu
Sent: Monday, June 2, 2014 6:59:43 AM
Subject: Re: [liberationtech] Cryptography Leak in Enigmail / GnuPG
Il 4/28/14, 9:25 AM, Fabio Pietrosanti (naif) ha scritto:
Il 11/24/13, 2:19 PM, Fabio Pietrosanti (naif) ha scritto:
I just
Subject: Re: [liberationtech] Cryptography Leak in Enigmail / GnuPG
Il 4/28/14, 9:25 AM, Fabio Pietrosanti (naif) ha scritto:
Il 11/24/13, 2:19 PM, Fabio Pietrosanti (naif) ha scritto:
I just wanted to notice that the mostly used encryption software like
GnuPG and Enigmail, have some privacy
Il 6/2/14, 6:43 PM, Tomer Altman ha scritto:
Can you state precisely the threat model that you are concerned about?
You are right, the subject is not directly related to cryptography but
to security .
The threat model is better described in the ticket that has been opened
to various PGP email
, June 2, 2014 2:06:16 PM
Subject: Re: [liberationtech] Cryptography Leak in Enigmail / GnuPG
Il 6/2/14, 6:43 PM, Tomer Altman ha scritto:
Can you state precisely the threat model that you are concerned about?
You are right, the subject is not directly related to cryptography but
to security
Il 11/24/13, 2:19 PM, Fabio Pietrosanti (naif) ha scritto:
I just wanted to notice that the mostly used encryption software like
GnuPG and Enigmail, have some privacy leak that in the XKEYSCORE's ages
could represent a major risk.
a) Enigmail, Thunderbird's PGP plugin, does send
And, whether it's a Thunderbird bug or an Enigmail bug, Gmail emails
have a tendency to be sent (typically unencrypted) during draft
autosave. So that's fun.
Thunderbird makes me think of Mutt's slogan from 1995 - All email
clients are terrible. This one is just less terrible.
~Griffin
I just wanted to notice that the mostly used encryption software like
GnuPG and Enigmail, have some privacy leak that in the XKEYSCORE's ages
could represent a major risk.
a) Enigmail, Thunderbird's PGP plugin, does send X-Enigmail-Version:
header on ALL email sent, also the unencrypted one.
b)
On 11/24/2013 05:39 PM, Jacob Appelbaum wrote:
When a user uses TorBirdy with Enigmail and Thunderbird, we disable
those information leaks. We also have a mode (disabled by default due to
user complaints) to remove the keyid of the recipient from the PGP
encrypted message itself.
Important to