Saeed (@saeedakh),

I read the Twitter link in your message, and the original article that it referenced from the EFF.  The updated EFF article with the link to the research paper is here:

https://www.eff.org/deeplinks/2018/05/not-so-pretty-what-you-need-know-about-e-fail-and-pgp-flaw-0 

I'm a little confused about this announcement and the way that it is constructed.  The only two good mitigation actions that I saw in either piece was to (a) immediately move to another secure channel (I won't repeat the recommendation because I do not want to support the use of a particular application before I research it myself); or (b) use out-of-band PGP decryption rather than a plugin to your email client.

It seems to be more of the same Chicken Little claims that PGP is dead.  Instead, it appears to be more of a combination of bad HTML parsing in the email client itself, and a failure of the client to block unsigned PGP and S/MIME messages or those where the signature is invalid.

I don't understand how not using PGP software to encrypt/decrypt messages solves the issue.  It seems like the only outcome this would have is preventing me from reading my own email.  The real problem is with the client, so moving to an out-of-band PGP encryption/decryption tool should fix that.

The way the release is written, aside from the very quick mention of moving to an alternate secure channel, makes it seem like moving to clear text email is the rational choice over continuing to use a slightly broken PGP & S/MIME system.  It must be REALLY broken for that to make sense.  Like, this PGP vulnerability must be the key to time travel or something and as long as it exists on my computer, they can prevent my grandparents from being born...?  But the articles don't indicate that.

Anyone getting a different vibe here?

Eric B.

If I read/understand the issue properly, one of the keys (no pun) to exploiting the vulnerability is crafting an HTML-based email to someone with the appropriate private key (i.e. the original intended recipient) whereby that email must do two things:

1. Hide the encrypted message that the attacker wants decrypted
2. Through the use of some backchannel (e.g. placing using the to be decrypted email as the src of an HTML img tag), the content will be decrypted and sent back to the attacker (as a requested resource from his/her/their server)

Yes, it is a vulnerability - more with the email clients than the PGP, etc., but I find it very hard to believe that someone security-aware enough to be using PGP to encrypt emails would also be setting his or her mail client to read HTML email and/or to otherwise obfuscate content. The bottom line this gets back to is age-old axiom: Never, ever, read HTML email. And of course the corollary: Never, ever send HTML email. It is a rude and hazardous as sneezing in someone's face. So yes, there is a risk here, but it is a bit like telling people who text and drive that that they should disable audio notifications because the sound may distract them. That risk is only enabled by a larger risk they are taking and posing.