I fear that that's likely to happen. A measure against the Efail vulnerability was to disable decryption of messages that have no MDC protection.
It's fairly possible that old messages (using old algorithms) have no MDC protection - but there is no way out. You'd risk to be attacked _very_ easily otherwise as the Efail paper clearly explains. I strongly suggest that you only read such old mails on the command line - there is no sensible safeguarding possible in Enigmail. -Patrick (CC-ing the Enigmail Mailing list, as I consider this important info for many other users too) On 17.05.18 08:27, Bitcoin Admin wrote: > > Hello, I can't use 2.0.4, after installation all my old encrypted > messages throw up an error (and don't decrypt anymore), the encryption > details show , however, that the correct keys were used. > How come? > > Tom > > > On 05/16/2018 04:40 PM, Patrick Brunschwig wrote: >> I have released Enigmail v2.0.4 for Thunderbird version 52 and SeaMonkey >> 2.46 and newer. >> >> >> Changes >> ======= >> This version implements two workarounds to prevent against "Efail" >> vulnerabilities (https://efail.de). I strongly recommend to upgrade to >> Enigmail 2.0.4 as soon as possible. >> >> >> Details >> ======= >> >> Efail: fail on GnuPG integrity check warnings for old Algorithms >> ---------------------------------------------------------------- >> >> Enigmail now discovers if GnuPG prints a warning message about missing >> MDC (Modification Detection Code) for old algorithms like CAST5 and >> treats it like a hard failure. Such a message will no longer be >> displayed. >> >> Efail: protect against remot URL calls in unpatched Thunderbird >> --------------------------------------------------------------- >> I implemented a workaround to prevent against leaking decrypted message >> data to remote URLs. This workaround is meant as temporary measure until >> Thunderbird has a more robust solution. The workaround protects >> successfully against the known forms of the vulnerabilities. >> >> I still recommend to use the "Simple HTML" view in Thunderbird >> (accessible via menu View > Message Body as > Simple HTML) to prevent >> from loading any remote content. >> >> >> Obtaining Enigmail >> ================== >> Enigmail can be downloaded from >> <https://www.enigmail.net/index.php/en/download/> >> >> The changelog is available from >> <https://www.enigmail.net/index.php/en/download/changelog> >> >> >> Additional Remarks >> ================== >> The new version is still waiting for approval on >> https://addons.mozilla.org; you should receive it automatically via the >> addons-update once the approval is made. >> >> -Patrick >> >> >> >> _______________________________________________ >> enigmail-users mailing list >> enigmail-users@enigmail.net >> To unsubscribe or make changes to your subscription click here: >> https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net > >
signature.asc
Description: OpenPGP digital signature
_______________________________________________ enigmail-users mailing list enigmail-users@enigmail.net To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
