Re: [Enigmail] Fwd: Fwd: [Private Internet Access] Re: pia and thunderbird

2018-05-17 Thread Ian Mann
​Try having/selecting the PIA server in your own country​ On Thu, 17 May 2018 at 21:28, christophe salomon via enigmail-users < enigmail-users@enigmail.net> wrote: > > > > -- Forwarded message -- > From: christophe salomon > To: enigmail-users@enigmail.net >

Re: [Enigmail] Fwd: Fwd: [Private Internet Access] Re: pia and thunderbird

2018-05-17 Thread Sebastian
Hi, I don't see how that is related to Enigmail, it is about your E-Mail Setup and the server you are using for sending. Sebastian On 05/17/2018 01:27 PM, christophe salomon via enigmail-users wrote: > > Dear support and users, > > As you will see below , Pia is not letting send encrypted

[Enigmail] Fwd: Fwd: [Private Internet Access] Re: pia and thunderbird

2018-05-17 Thread christophe salomon via enigmail-users
--- Begin Message --- sending it again i am a member now Message transféré Sujet : Fwd: [Private Internet Access] Re: pia and thunderbird Date : Thu, 17 May 2018 13:23:39 +0200 De :christophe salomon Pour : enigmail-users@enigmail.net Dear

Re: [Enigmail] [ANN] Enigmail 2.0.4 available - better protection against Efail

2018-05-17 Thread Patrick Brunschwig
The enforcement for MDC has been introduced in Enigmail 2.0 for "new" cipher algorithms (AES in all variants, TWOFISH, CAMELLIA). In Enigmail 2.0.4 this was extended this to all cipher algorithms. -Patrick On 17.05.18 09:17, Wolf wrote: > Since which Version ist that the case? (As maybe

Re: [Enigmail] [ANN] Enigmail 2.0.4 available - better protection against Efail

2018-05-17 Thread Wolf
Since which Version ist that the case? (As maybe changelog is of little help with the secrecy recently) Am May 17, 2018 6:35:32 AM UTC schrieb Patrick Brunschwig : >I fear that that's likely to happen. A measure against the Efail >vulnerability was to disable decryption of

[Enigmail] Better EFFail protection for old gpg versions and 3DES

2018-05-17 Thread Werner Koch
Hi! I just implemented a robust detection for a missing MDC in GPGME. This works with all GnuPG versions since 2.0.19 (March 2012) and is future proof. It is based on the DECRYPTION_INFO status which GPGME already parses. Code speaks more than words: --8<---cut

Re: [Enigmail] [ANN] Enigmail 2.0.4 available - better protection against Efail

2018-05-17 Thread Patrick Brunschwig
I fear that that's likely to happen. A measure against the Efail vulnerability was to disable decryption of messages that have no MDC protection. It's fairly possible that old messages (using old algorithms) have no MDC protection - but there is no way out. You'd risk to be attacked _very_ easily