[ Date Index ]
[ Thread Index ]
[ <= Previous by date /
thread ]
[ Next by date /
thread => ]
Re: [LUG] gpg security flaw
- To: list@xxxxxxxxxxxxx
- Subject: Re: [LUG] gpg security flaw
- From: Simon Waters <simon@xxxxxxxxxxxxxx>
- Date: Mon, 14 May 2018 22:21:39 +0100
- Cc: list@xxxxxxxxxxxx
- Delivered-to: dclug@xxxxxxxxxxxxxxxxxxxxx
- Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=dclug.org.uk; s=1523264761; h=Sender:Content-Transfer-Encoding:Content-Type :Cc:Reply-To:List-Subscribe:List-Help:List-Post:List-Unsubscribe:List-Id: Subject:To:References:Message-Id:Date:In-Reply-To:From:Mime-Version: Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender: Resent-To:Resent-Cc:Resent-Message-ID:List-Owner:List-Archive; bh=DqC+riuFcOXBV04qqzs9D/v3ThRPviXNJgSap/S9WUc=; b=M7nMqN7kVCeu746BD+arXcAu0p 5F0Pr2gWT3ORFtiId1kGcru+ccCistAqE/PgBP4Dyt/PLaStXHZQ7V/EMawzSTw4xQ+tF6Sm+Rwgq 27x/n6OnmwOmyZmwME333u8l/gLNsA+UB+HIhpXz2m01OixOnAaveIvA6uTAUZA0yicQ=;
> On 14 May 2018, at 20:46, Martijn Grooten <martijn@xxxxxxxxxxxxxxxxxx> wrote:
>
> If you're using it to handle sensitive data you should probably consider
> using something else (Signal!), though more because PGP is pretty broken
> in general.
Although another perspective is that the attack is quite challenging. So if you use
OpenPGP to make sensitive email harder to read, itâs likely still achieving its goal.
The point here is it is susceptible to an attack, and it highlights the weaknesses
of email as a legacy protocol.
It is also way worse for S/MIME, which is having a really rough 2018....
--
The Mailing List for the Devon & Cornwall LUG
https://mailman.dclug.org.uk/listinfo/list
FAQ: http://www.dcglug.org.uk/listfaq
