How to Protect Your Email Now That PGP Is Hacked

If you’ve used PGP – short for Pretty Good Privacy – to send and receive encrypted email messages, it might be time to switch to another tool to keep your messages private. A brand-new vulnerability, wryly named EFAIL, could expose the content of your emails (in some cases even old emails) in clear text. Goodbye secrecy.

If you just use your favorite email service to send regular messages to friends, read great newsletters, or complain to companies you are mad at, these issues will not affect you at all. You will know if you are using PGP, because the entire premise of the program relies on public and private keys – huge strings of text – to encrypt and decrypt messages. Secret messages, ideally, not just funny images of cats that you want to send to your significant other.

There is a debate right now about how serious the EFAIL vulnerability is, with some companies and security experts pointing out that if you just make sure you don’t receive HTML emails – switch to plaintext instead – you should be fine. As Werner Koch of GnuPG writes:

“There are two ways to mitigate this attack – by not using HTML email. Or, if you really need to read them, use an appropriate MIME parser and deny any access to external links. Use authenticated encryption.”

Whether the issue is PGP and S/MIME, as the Electronic Frontier Foundation points out, or the email clients themselves, your level of comfort with encrypted communications will determine your next steps. As efail.de points out, there are several methods you can use to mitigate the impact of EFAIL on your secure communications:

“Short term: no decryption in the mail client. The best way to prevent EFAIL attacks is to decrypt S/MIME or PGP emails only in a separate application outside of your email client. Start by removing your S/MIME and PGP private keys from your email client, then decrypt incoming encrypted emails by copying and pasting the encrypted text into a separate application that decrypts for you. That way, email clients will not be able to open exfiltration channels. This is currently the safest option, but it also makes the process more cumbersome.

Short term: disable HTML rendering. EFAIL attacks abuse active content, mainly in the form of HTML images, stylesheets, etc. Disabling the rendering of incoming HTML emails in your email client will close the most obvious avenue for an EFAIL attack. Note that there are other possible non-HTML back channels in email clients, but they are more difficult to exploit.

Medium term: patching. Some vendors will publish patches that either fix the EFAIL vulnerabilities or make them harder to exploit.

Long term: update the OpenPGP and S/MIME standards. EFAIL attacks exploit flaws and undefined behavior in the MIME, S/MIME, and OpenPGP standards. Therefore, the standards need to be updated, which will take some time.”
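To make the "appropriate MIME parser" and "disable HTML rendering" advice above concrete, here is a small added example (not code from GnuPG, efail.de or the article) that parses a message with Python's standard library, displays only its text/plain parts, and lists the remote references in its HTML parts instead of fetching them. The sample message, its addresses and the example.net hosts are constructed for this illustration.

```python
import re
from email import message_from_string, policy

# Tags whose src/href/data attribute makes a mail client fetch a remote resource.
REMOTE_ATTR = re.compile(
    r"<(?:img|link|script|iframe|video|audio|source|object)\b[^>]*?"
    r"\b(?:src|href|data)\s*=\s*[\"']?\s*((?:https?:)?//[^\"'\s>]*)", re.I)
# url(...) references inside <style> blocks or style attributes.
CSS_URL = re.compile(r"url\(\s*[\"']?\s*((?:https?:)?//[^)\"']*)", re.I)

def remote_references(html):
    """Return every remote URL an HTML part would fetch when rendered."""
    urls = [m.group(1) for m in REMOTE_ATTR.finditer(html)]
    return urls + [m.group(1) for m in CSS_URL.finditer(html)]

def safe_render(raw_message):
    """Return (text to display, remote URLs that were refused).
    Only text/plain parts are displayed; text/html parts are never rendered,
    just inspected, so the client opens no channel to an outside server.
    """
    msg = message_from_string(raw_message, policy=policy.default)
    shown, refused = [], []
    for part in msg.walk():
        if part.get_content_type() == "text/plain":
            shown.append(part.get_content())
        elif part.get_content_type() == "text/html":
            refused.extend(remote_references(part.get_content()))
    return "".join(shown), refused

# Constructed sample: a multipart/alternative mail whose HTML alternative
# carries a tracking pixel and a stylesheet pointing at a remote image.
SAMPLE = """\
From: alice@example.com
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="b1"

--b1
Content-Type: text/plain; charset=utf-8

Hello Bob, the plain text is all you need to read.
--b1
Content-Type: text/html; charset=utf-8

<html><body><p>Hello Bob</p><img src="https://tracker.example.net/pixel.gif">
<style>body { background: url(//cdn.example.net/bg.png) }</style></body></html>
--b1--
"""
```

Calling `safe_render(SAMPLE)` yields the plain-text greeting and the two remote references that a rendering client would otherwise have requested.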

Our advice? Maybe it’s time to stop using email for encrypted communication. EFF suggests this as a workaround, at least:

“Our advice, which reflects the opinion of the researchers, is to immediately disable and/or remove tools that automatically decrypt PGP-encrypted email. Until the weaknesses described in the document are more widely understood and corrected, users should arrange to use alternative end-to-end secure channels such as Signal and temporarily stop sending and especially reading PGP-encrypted e-mail.”

As Wired described in a 2017 article, end-to-end encrypted apps like Signal, WhatsApp, Confide, or even Skype – just to name a few – are great for sending secure messages (for now).

While that doesn’t mean that any of these apps, or even the Signal Protocol they use to secure your messages, is immune to future exploits (of all flavors), messaging apps with built-in end-to-end encryption might be worth considering as an alternative to email for your most private messages. They are not foolproof – especially if someone has a jailbroken device on the other end – but they are better than nothing if you understand the differences:
