Encrypted emails are NOT flawless. They have a big security hole
whatsnewonthenet
Security researchers have found an alarming vulnerability in the most common forms of email encryption. They reported it on Monday morning, saying it allowed people to inject malicious code into intercepted emails despite encryption protocols.
So what happens? Well, the vulnerability affects 2 of the most common email encryption protocols – PGP & S/MIME, although the degree of vulnerability depends heavily on the client’s implementation of the protocol. A number of different clients are vulnerable, including Apple Mail, the Mail app on iOS, & Thunderbird.
If an encrypted email using those clients is intercepted in transit, an attacker could use the new vulnerability to modify the email, adding malicious HTML code before sending it to the target. When the target opens the new email, the malicious code could be used to send back the plaintext of the email, said the team of European researchers.
The weakness could allow a hacker to expose plaintext versions of encrypted messages—a nightmare scenario for users who rely on encrypted email to protect their privacy, security, and safety. The we …
The email encryption standards S/MIME — short for Secure/Multipurpose Internet Mail Extensions — and OpenPGP have been in use since the 1990s. S/MIME is frequently deployed by enterprises …
This short how-to guides users through the steps necessary to remove the popular open-source encryption plugin GPG Tools (GPGMail) from Apple Mail. It requires deleti …