On 05/15/18 16:55, Patrick Brunschwig wrote:
> On 15.05.18 21:59, Michael Carbone wrote:
>> On 05/14/18 07:31, Patrick Brunschwig wrote:
>>> On 14.05.18 08:54, Michael Carbone wrote:
https://www.eff.org/deeplinks/2018/05/attention-pgp-users-new-vulnerabilities-require-you-take-action-now
On Tue, 15 May 2018 22:55, patr...@enigmail.net said:
> there is no reason to deactivate Enigmail, especially as S/MIME in
> Thunderbird is affected by the same issues -- and S/MIME cannot be
> deactivated.
You can temporally remove your X.509 private key.
Shalom-Salam,
Werner
--
# Pleas
> Given that there seems to be one attack that does affect Enigmail, and
> the potential exfiltration pathways listed in the paper, would you
> recommend waiting for these fixes to come out prior to re-enabling
> Enigmail?
I personally think you should re-enable it as soon as is convenient for
you
On 15.05.18 21:59, Michael Carbone wrote:
> On 05/14/18 07:31, Patrick Brunschwig wrote:
>> On 14.05.18 08:54, Michael Carbone wrote:
>>> https://www.eff.org/deeplinks/2018/05/attention-pgp-users-new-vulnerabilities-require-you-take-action-now
>>>
>>>
>>>
>>> https://www.eff.org/deeplinks/2018/05/d
On 05/14/18 07:31, Patrick Brunschwig wrote:
On 14.05.18 08:54, Michael Carbone wrote:
https://www.eff.org/deeplinks/2018/05/attention-pgp-users-new-vulnerabilities-require-you-take-action-now
https://www.eff.org/deeplinks/2018/05/disabling-pgp-thunderbird-enigmail
looking forward to hearing
On 14.05.2018 13:31, Patrick Brunschwig wrote:
> The recommendation of the EFF is simply wrong. Enigmail contains fixes
> or workarounds for the described attacks latest since Enigmail version 2.0.
It would be indeed be more honest if they would say to unintall mail
clients and install Signal ins
On 14.05.18 08:54, Michael Carbone wrote:
> https://www.eff.org/deeplinks/2018/05/attention-pgp-users-new-vulnerabilities-require-you-take-action-now
>
>
> https://www.eff.org/deeplinks/2018/05/disabling-pgp-thunderbird-enigmail
>
> looking forward to hearing more soon...
The recommendation of
> looking forward to hearing more soon...
We saw a preview of that paper. It's under embargo so it would be
inappropriate for us to comment on it until it's released. It was also
inappropriate for the EFF to comment on it. You can expect us to have
an official statement on it once the paper is
https://www.eff.org/deeplinks/2018/05/attention-pgp-users-new-vulnerabilities-require-you-take-action-now
https://www.eff.org/deeplinks/2018/05/disabling-pgp-thunderbird-enigmail
looking forward to hearing more soon...
--
Michael Carbone
Manager of Security Education
Digital Security Helpline
A