Nobody wants snoops peeking at their emails. Unfortunately993 Archives the newly discovered "Efail" vulnerability could make that a possibility.
On Monday morning, the Electronic Frontier Foundation (EFF) reported that Efail is able to expose HTML emails encrypted with PGP and S/MIME encryption programs -- even those that were sent years ago. These tools are commonly employed by journalists, politicians, and other users who require secure communication.
SEE ALSO: Gmail will soon be writing entire emails for you"In a nutshell, Efail abuses active content of HTML emails, for example externally loaded images or styles, to exfiltrate plaintext through requested URLs," the researchers write.
"The attacker changes an encrypted email in a particular way and sends this changed encrypted email to the victim. The victim’s email client decrypts the email and loads any external content, thus exfiltrating the plaintext to the attacker."
In other words, once hackers gain access to your emails, they can use the HTML tags in your emails to prompt mail clients to erroneously decrypt those emails in a way that hackers can access.
So, what should you do?
EFF's recommendation: If you use PGP or S/MIME, disable them, and uninstall the tools that decrypt them.
The security community, however, has claimed these measures aren't necessary.
ProtonMail, for example, claims that many data encryption and decryption services are already patched against Efail. ProtonMail itself has verified that it is not vulnerable to Efail.
This Tweet is currently unavailable. It might be loading or has been removed.
Dan Guido, CEO of security company Trail of Bits, claims that Efail should be very easy for clients and savvy users to detect.
This Tweet is currently unavailable. It might be loading or has been removed.
But if you're still worried, you can always opt for plain-text over HTML emails -- or just use Signal like everyone else.
Topics Cybersecurity
New MIT report reveals energy costs of AI tools like ChatGPT
Read Frederick Seidel’s Poem “Arabia”
Ovid’s Ancient Beauty Elixirs by Dan Piepenbring
The Morning News Roundup for April 17, 2014
You won't see Elon Musk smoking weed in public again, NASA admin says
Immune System by Dan Piepenbring
The Story Behind “Cunning”
Inappropriate by Sadie Stein
Hidden Siri Commands and Unusual Responses
Opening Day by Sadie Stein
Mac Mini M2 Desktop deal: Save $100 at Best Buy
Kingsley Amis’s James Bond Novel
Frederick Seidel on Massimo Tamburini by Dan Piepenbring
Read Zadie Smith’s Story from Our Spring Issue
Comparing Team Communication Apps: What Do You Get for Free?
Recapping Dante: Canto 24, or Serpent, Ashes, Rinse, Repeat
The light verse of Phyllis McGinley, born on this day in 1905.
The Morning News Roundup for April 16, 2014
Every MCU movie villain ranked, from "Iron Man" to "Thunderbolts*"
Sadie Stein on the Comic Song “The Cat Came Back”
A Message from ‘The Paris Review’ StaffGillian Anderson is curating a book about sex and wants your anonymous storiesAmazon's Black Friday laptop deals are shockingly greatTwitter/X confirms Nazi content was shown alongside Apple ads. So why is it suing?All the best mattress deals for Black Friday 202311 fake languages that are super easy to learnBest Echo deal: Get an Echo Pop and a Kasa smart color bulb for under $18How A Godless Democrat Fell in Love With Cowboy PoetryEpik High's Tablo talks NewJeans, BTS, and the promise of AIA Message from ‘The Paris Review’ StaffMark Twain’s Disturbing Passion for Collecting Young GirlsPhoto carousels are taking over TikTokHow a potential recession will uniquely affect the creator economyWhy Write Fiction in 2017?Hale and Hearty by Robin BellingerThe Literary Prize for the Refusal of Literary PrizesCelebrating Umoja Karamu, a “Ritual for the Black Family”Solving Riddles, Reading PoemsThe Literary Prize for the Refusal of Literary PrizesSculpture of John Oliver riding a Pūteketeke goes on sale for a good cause New 'Game of Thrones' calendar teases a mysterious beast of legend LinkedIn cofounder will pay $5 million for Donald Trump's tax returns Ryan Reynolds sent the 'Avengers: Endgame' URL troll a kickass gift People are dragging Offset for his manipulative Cardi B stunt 400 students showed up to sing to their teacher battling cancer If you want to enrage a Brit, change their favourite baking show Clinton camp reveals pneumonia diagnosis after 9/11 event Woman accidentally dresses exactly like a Rocket Pop Trump campaign responds to Clinton's 'basket of deplorables' comment Facebook bug affecting 6.8 million gave apps unauthorized photo access Even newspaper ads aren't declining as fast as desktop ads YouTube announces it removed more than 58 million videos last quarter Diseased, depressed and drunk: A short history of candidates' many health problems Yael Stone accuses Geoffrey Rush of inappropriate behavior HQ Trivia boss Colin Kroll is dead at 35 after an apparent overdose Man buys woman a drink, texts her awkward request weeks later Delivery robot catches fire at UC Berkeley campus, students hold vigil Researchers spot the farthest known object in our solar system Facebook adds Boomerangs, portrait mode, AR stickers to Messenger AP deletes tweet about Clinton's 'basket of deplorables' comment
2.5763s , 8201.703125 kb
Copyright © 2025 Powered by 【1993 Archives】,Wisdom Convergence Information Network