Have a suggestion?

Click here to suggest a blog item.

Newsletters Archive

Catch up with DonationCoder by browsing our past newsletters, which collect the most interesting discussions on our site: here.

Editorial Integrity

DonationCoder does not accept paid promotions. We have a strict policy of not accepting gifts of any kind in exchange for placing content in our blogs or newsletters, or on our forum. The content and recommendations you see on our site reflect our genuine personal interests and nothing more.

Latest News

July 19, 2022
Software Update

Jan 3, 2022
Event Results

May 13, 2020
Software Updates

Mar 24, 2020
Mini Newsletter

Dec 30, 2019
Software Updates

Jan 22, 2020
Software Updates

Jan 12, 2020
Newsletter

Jan 3, 2020
Event Results

Jan 2, 2020
Software Updates

Dec 30, 2019
Software Updates

April 27, 2019
Software Updates

Feb 26, 2019
Software Updates

Feb 23, 2019
Software Updates

Feb 14, 2019
Software Updates

Jan 6, 2019
Event Results

Dec 2, 2018
Software Updates

Nov 13, 2018
Software Releases

July 30, 2018
Software Updates

June 24, 2018
Software Updates

June 6, 2018
Software Updates

Apr 2, 2018
Fundraiser Celebration

Apr 2, 2018
Software Updates

Feb 24, 2018
Software Updates

Jan 14, 2018
Major Site News

Jan 10, 2018
Event Results

Latest Forum Posts
I am totally in love with it
When I was planning to write about Find and Run Robot. I was wondering why would someone need it on a Windows 7 or for that matter a Windows Vista machine. I totally understand it's need on prior versions of Windows before Windows Vista. But after I installed and started using it I was in love with this utility. Also, it's much more advanced than Vista or Windows 7 Search programs and files feature. It's a great software and I am totally in love with it.

Read more…

Vivek on Technology Reviews Blog
Vivek on Technology Reviews Blog image

Our daily Blog

This page spotlights the most interesting posts collected from our forum every day.

You are viewing a specific blog item. Click here to return to the main blog page.

eff says immediately disable or uninstall tools that auto decrypt PGP email

Screenshot - 5_14_2018 , 10_28_03 AM_thumb001.png
Security warning: eff.org says that you need to immediately disable and/or uninstall tools that automatically decrypt PGP-encrypted email.

This looks pretty serious.  Although they are not saying what the flaw is yet, the key seems to be if you have a mail program that AUTOMATICALLY decrypts pgp encrypted emails, somehow that can be hijacked.

A group of European security researchers have released a warning about a set of vulnerabilities affecting users of PGP and S/MIME. EFF has been in communication with the research team, and can confirm that these vulnerabilities pose an immediate risk to those using these tools for email communication, including the potential exposure of the contents of past messages.

The full details will be published in a paper on Tuesday at 07:00 AM UTC (3:00 AM Eastern, midnight Pacific). In order to reduce the short-term risk, we and the researchers have agreed to warn the wider PGP user community in advance of its full publication.

Our advice, which mirrors that of the researchers, is to immediately disable and/or uninstall tools that automatically decrypt PGP-encrypted email. Until the flaws described in the paper are more widely understood and fixed, users should arrange for the use of alternative end-to-end secure channels, such as Signal, and temporarily stop sending and especially reading PGP-encrypted email.

https://www.eff.org/...-you-take-action-now

posted by mouser donate to mouser
discovered on https://arstechnica....mails-uninstall-now/
(permalink) (read 3 comments)


Share on Facebook
submit to reddit