The Truth about PGP’s So-Called Email Bug: It Isn’t Much of a Problem

Word has been circulating in recent days that PGP has a major bug called Efail can can lead to encrypted emails being decrypted. Details about the problem have now been released and it seems the problem is not with PGP itself. It is with the way that some programmers implement PGP in their various email systems. PGP itself is not the problem.

In fact, decrypting PGP-encrypted email messages with Efail is a difficult task, at best. It probably is not practical for most hackers although NSA or agencies of other governments with access to high-powered computers and sophisticated software tools might be able to decrypt your email messages.

Details are provided by ProtonMail at: https://protonmail.com/blog/pgp-vulnerability-efail/ and also in an article by security expert Bruce Schneier at: https://www.schneier.com/crypto-gram/archives/2018/0515.html#2

It is interesting to note that the first article also states that ProtonMail is unaffected by this so-called bug. I wrote about ProtonMail’s secure email service earlier at: https://privacyblog.com/2017/07/03/protonmail-review-a-secure-email-service-provider-from-switzerland/

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

w

Connecting to %s