Word has been circulating in recent days that PGP has a major bug called Efail can can lead to encrypted emails being decrypted. Details about the problem have now been released and it seems the problem is not with PGP itself. It is with the way that some programmers implement PGP in their various email systems. PGP itself is not the problem.
In fact, decrypting PGP-encrypted email messages with Efail is a difficult task, at best. It probably is not practical for most hackers although NSA or agencies of other governments with access to high-powered computers and sophisticated software tools might be able to decrypt your email messages.
Details are provided by ProtonMail at: https://protonmail.com/blog/pgp-vulnerability-efail/ and also in an article by security expert Bruce Schneier at: https://www.schneier.com/crypto-gram/archives/2018/0515.html#2
It is interesting to note that the first article also states that ProtonMail is unaffected by this so-called bug. I wrote about ProtonMail’s secure email service earlier at: https://privacyblog.com/2017/07/03/protonmail-review-a-secure-email-service-provider-from-switzerland/
- 9 Alternatives to Whatsapp that Actually Respect Your Privacy
- Huge new Facebook Data Leak Exposed Intimate Details of 3 Million Users
Categories: Email Security, Encryption