This article is more than 1 year old

Zimmerman and friends: 'Are you listening? PGP is not broken'

EFAIL furore not over yet, even though it's easy to fix

ProtonMail has weighed into 2018's worst branded-bug PR disaster, EFAIL, with a simple statement: “PGP is not broken”.

The discoverers of the bug in e-mail client encryption implementations started the ball rolling ahead of their disclosure in the middle of this month.

Münster University professor Sebastian Schinzel started the ball rolling on Twitter touting the upcoming disclosure, and in a four-Tweet thread advised users to disable PGP and S/MIME until patches were available.

The pre-disclosure publicity created a furore, since the EFF backed the “PGP is unsafe” framing, and after a combination of criticism and leaks, disclosure came ahead of the researchers' planned date – and EFAIL turned out to be client implementation errors, rather than a vulnerability in PGP.


S/MIME artists: EFAIL email app flaws menace PGP-encrypted chats


At the time, we summarised the twin bugs as an HTML exfiltration attack (tricking the client into fetching a URL containing a message plaintext), and a CBC/CFB gadget attack that could trick a client into sending unencrypted messages to the attacker's server.

The researchers said the best defence was to disable HTML in the client – which pointed at client implementation flaws – and EFAIL all but left the headlines.

However, PGP's creator Phil Zimmerman, Protonmail's Any Yen, Enigmail's Patrick Brunschwig, and Mailvelope's Thomas Oberndörfer are still concerned that misinformation about the bug remains in the wild.

Yen tried to refute the EFAIL “don't use PGP” on May 25, and the four have followed up with this joint post.

The four are more critical of reporting than of the original paper, which focused on Apple Mail, Thunderbird and Microsoft Outlook and acknowledged that other PGP implementations remained secure.

The letter tells PGP users to get themselves non-vulnerable clients, and to confirm that their contacts also use non-vulnerable clients.

Regarding Enigmail and GPGTools, they write the vulnerabilities are easy to mitigate – Enigmail users need to upgrade to 2.0.5 and “use only simple HTML or plain text viewing modes in Thunderbird”, while GPGTools can be rendered safe by disabling remote content loading.

Special mention is made of the Electronic Frontiers Foundation, whose original “don't use PGP” advice hasn't yet been revisited.

One final, important detail in the post should be emphasised: “If you send PGP email, you need to inform your contacts to take appropriate action. If you give them EFFs recommendation, you may not be able to exchange encrypted messages with them. If you follow our recommendation, you can continue to use email encryption safely. It is that simple” (emphasis added). ®

More about


Send us news

Other stories you might like