Re: Don't Panic.

2018-05-18 Thread MichaelQuigley
"Gnupg-users" <gnupg-users-boun...@gnupg.org> wrote on 05/15/2018 02:45:35 PM: > - Message from "Mark H. Wood" <mw...@iupui.edu> on Tue, 15 May > 2018 11:06:26 -0400 - > > To: > > gnupg-users@gnupg.org > > Subject: > >

Re: Don't Panic.

2018-05-16 Thread Werner Koch
On Tue, 15 May 2018 17:06, mw...@iupui.edu said: > Heh. "We've discovered that locks can be picked, so you should remove > all the locks from your doors right now." "There are lot of benefits for members of the Mechanical Frontdoor Foundation. Rely on us for your social engineering tasks.

Re: Don't Panic.

2018-05-15 Thread Mark H. Wood
On Mon, May 14, 2018 at 04:48:31PM +0100, Mark Rousell wrote: > Amongst other things this includes the following paragraph which, as I > understand it, is essentially untrue: > > "There are currently no reliable fixes for the vulnerability. If you > use PGP/GPG or S/MIME for very

Re: Don't Panic.

2018-05-14 Thread Robert J. Hansen
> I'm going to add this to the HN thread. I trust that's OK. Go for it. :) ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Don't Panic.

2018-05-14 Thread Mirimir
On 05/13/2018 08:27 PM, Robert J. Hansen wrote: > [taps the mike] > > Hi. I maintain the official GnuPG FAQ. So let me start off by > answering a question that is certainly about to be asked a lot: "Should > we be worried about OpenPGP, GnuPG, or Enigmail? The EFF's advising us > to uninstall

Re: Don't Panic.

2018-05-14 Thread Andrew Gallagher
> On 14 May 2018, at 14:47, Dan Kegel wrote: > > Anyway, if you have a checkbox for 'automatically decrypt', you might > consider unticking it.) This may not be sufficient. It’s not just automatic decryption but any decryption at all in the client that can trigger a callback.

Re: Don't Panic.

2018-05-14 Thread Mark Rousell
On 14/05/2018 08:27, Robert J. Hansen wrote: > Werner saw a preprint of this paper some time ago. I saw it recently. > Patrick Brunschwig of Enigmail saw it. None of us are worried. Out of > respect for the paper authors I will skip further comment until such > time as the paper is published. >

Re: Don't Panic.

2018-05-14 Thread Mark Rousell
On 14/05/2018 08:27, Robert J. Hansen wrote: > Werner saw a preprint of this paper some time ago. I saw it recently. > Patrick Brunschwig of Enigmail saw it. None of us are worried. Out of > respect for the paper authors I will skip further comment until such > time as the paper is published. >

Re: Don't Panic.

2018-05-14 Thread Dan Kegel
Thanks for the heads up! (The eff alert only suggests disabling tools that *automatically* decrypt messages, Stumbling around a bit on the net, this sounds like a rehash of https://sourceforge.net/p/enigmail/bugs/226/ Anyway, if you have a checkbox for 'automatically decrypt', you might consider

Don't Panic.

2018-05-14 Thread Robert J. Hansen
[taps the mike] Hi. I maintain the official GnuPG FAQ. So let me start off by answering a question that is certainly about to be asked a lot: "Should we be worried about OpenPGP, GnuPG, or Enigmail? The EFF's advising us to uninstall it!"