[PLUG] new exploit for PGP

Michael Lazin on 14 May 2018 11:40:11 -0700

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[PLUG] new exploit for PGP

From: Michael Lazin <microlaser@gmail.com>
To: "Philadelphia Linux User's Group Discussion List" <plug@lists.phillylinux.org>
Subject: [PLUG] new exploit for PGP
Date: Mon, 14 May 2018 14:40:04 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:from:date:message-id:subject:to; bh=Xr1qpQWLIDgDgsrc/lD/GjW8T3dnGV0cKHpKi2vnVJU=; b=Toh9P+gmg0SvsQu7djSuUcKnHVT/O35+QgNI9/N2Dxvm3cmr7o7Wtd3BbgkpHnVxCb uglL+U4iDt0W4NFUdDRoWjD6/f45x1IgZzrQgYxAgylzv7crZoUGzm0cyJ8RprsRonBs QxTkv1tTCTTt6D+aOWWijBlljsb0tnzp3s96rBO3e8SC9sWjclhyrH+J8bGxHigydIAQ Dls2cS7zeuXYwces/Pl+o1/ToqLn4jSBoGMRCVBf1akvHhhsjGfarWeab+C/vzpFQtoQ UMB9vOV4KmSXqf6hX9qjc1YMIXlGnS9GrOGzLDCDFKLK72sQ8R2oBU3Bqs32lfKrp2Qi m5hA==
Reply-to: Philadelphia Linux User's Group Discussion List <plug@lists.phillylinux.org>
Sender: "plug" <plug-bounces@lists.phillylinux.org>

I've been seeing a lot of hype about the new exploit for PGP published this morning, https://www.zdnet.com/article/uninstall-pgp-eff-warns-of-exploit-that-may-reveal-plaintext-of-encrypted-emails/

I thought this post from the GPG list might be of interest to folks here.

https://lists.gnupg.org/pipermail/gnupg-users/2018-May/060315.html

The EFF has been recommending uninstalling PGP until a patch is published,

Apparently the GPG maintainer is recommending to either not use HTML email or to use authenticated encryption.

Cheers,

Michael

Michael Lazin

to gar auto estin noein te kai ennai

___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug

Follow-Ups:
- Re: [PLUG] new exploit for PGP
  - From: jeff <jeffv@op.net>

Prev by Date: Re: [PLUG] Heads-up, PGP/GPG users: critical security flaw, disable it in email clients NOW
Next by Date: Re: [PLUG] new exploit for PGP
Previous by thread: Re: [PLUG] Heads-up, PGP/GPG users: critical security flaw, disable it in email clients NOW
Next by thread: Re: [PLUG] new exploit for PGP
Index(es):
- Date
- Thread