tinyfav.com May 23, 2018

Encrypted Emails May Be Readable

15 May 2018, 04:22 | Hattie Nash

Daniel Sambraus—EyeEm Getty Images

Daniel Sambraus—EyeEm  Getty Images

This new vulnerability allows hackers and attackers the ability to read encrypted HTML emails in plaintext files. If you're particularly paranoid, you might choose to decrypt emails in applications that are separate from your email program-a step the German researchers recommend.

Professor Schinzel is a member of a research team consisting of a long list of respected security researchers, and which has been responsible for uncovering a number of cryptographic vulnerabilities.

"If you use PGP/GPG or S/MIME for very sensitive communication, you should disable it in your e-mail client for now". "Having used PGP since 1993, this sounds baaad (sic)", F-Secure's Mikko Hypponenwrote in a tweet.

In the short term, researchers call for users to disable HTML rendering and avoid decrypting emails in an email client. Indeed, after any bug reports get published, attackers often begin exploiting the new flaws within hours.

If you are asked for the admin password, enter it to confirm the action.

Details about the vulnerability were released by the Suddeutsche Zeitung newspaper prior to a scheduled embargo.

The second attack type works against a larger number of email clients.

Sears Stock Rockets As Amazon Alliance Expands To Full-Service Tire Installation
In December, Sears added DieHard products like jump starters and battery charges to the list of products available on Amazon. The program will begin at 47 locations , but Sears says it has plans to roll it out to every Auto Center around the country.

David Moyes reveals he received Premier League offer after joining West Ham
Against Brighton, at half-time I told the players they were going to lose and tonight at half-time I said we would win. Moyes had just been relegated at Sunderland and the Hammers were looking at a relegation battle.

Facebook bans foreign ads targeting Irish abortion referendum
Facebook has moved to block foreign advertisements relating to the upcoming Irish referendum on the Eighth Amendment. Under Irish law, foreign citizens and groups are not allowed to make donations to Irish campaign groups.

Attackers need to send emails as specially crafted HTML messages that contain the code required to exfiltrate decoded text from vulnerable programs. The attacker then injects image tags into the encrypted plaintext, creating a single encrypted body part. "The result is really elegant", he tells the newspaper.

However, to address this risk, experts have come up with a chip that uses ionic memristor technology to address security concerns.

Academics from the Electronic Frontier Foundation have discovered critical vulnerabilities in two email encryption protocols. "Until the flaws described in the paper are more widely understood and fixed, users should arrange for the use of alternative end-to-end secure channels...and temporarily stop sending and especially reading PGP-encrypted email".

The issue, dubbed EFAIL, has to do with a hole in OpenPGP and S/MIME standards that can reveal the plain text of encrypted emails.

"You might also have had some exposure in the past if back then you used a pre-2000 version of GnuPG, and/or an email plugin which didn't handle the warning correctly", the GPG team wrote. That's because EFAIL can be stopped by using authenticated encryption; OpenPGP started to support authenticated encryption in 2001.

BestVPN advice: Uninstall PGP immediately (at least for now)!

And many corporate email services employ S/MIME.

As of now, there are not many details available on the latest vulnerability, but more information is expected to be shared by the researchers soon.

Other News

Trending Now

New Google AI can have real life conversations with strangers
Google has the upper hand in Smart Displays for many reasons. "We understand and value the discussion around Google Duplex ". The vision for Duarte and Google at large is to free up all that data and make the interfaces that lock it away disappear.

5 takeaways from 2017-18 National Basketball Association season
The Rockets won two of three regular season matchups, which gives them a solid sense of confidence entering the series. Obviously, "Cavaliers win if LeBron James" isn't really a sentence, but at this point it may as well be.

Donald Trump now wants to save ZTE and everyone's confused
ZTE, as one of the world's largest telecom equipment makers, relied on US companies such as Qualcomm and Intel for components. Qualcomm last month said it expected lost sales to ZTE to lower its earnings by 3 cents per share in the current quarter.

David Goodall's story forces us to confront uncomfortable truths
Goodall, who had been barred from seeking help to end his life in his home country, did not have a terminal illness. A right-to-die group says 104-year-old Australian biologist David Goodall has ended his life in Switzerland .

Pakistan declare first innings on 310-9 in only Test against Ireland
That pressure ultimately told with the final delivery of the eighth over when Rankin had Azhar Ali all squared-up. There was drama at an initially sun-drenched Malahide right from Saturday's first ball of this stand-alone match.

Chocolate truck spill causes sticky situation on Polish highway
Inclement weather can render roads risky to drive on, but it turns out spilled chocolate can be just as much of an inconvenience. By the time clean up crews had arrived the liquid had begun to solidify, making the scene hard to clean up, local police said.

Ukraine's Melovin qualifies for Eurovision final
Such censorship is perhaps unsurprising from a country which has a history of media censorship. Mango TV and China's TV and radio regulator did not reply to request for comment.

Aston Martin DB11 AMR unleashed
With the AMR, he added, "we felt the V12 could reveal more of its sporting potential, while remaining the consummate GT". After the preliminary announcement of the company Aston Martin has officially presented the "charged" coupe DB11 AMR.

Queen Elizabeth gives consent for Prince Harry and Meghan Markle's marriage
There are also olive branches beneath it which were inspired by the Great Seal of the United States . However, there is no malice on the part of Her Majesty, just a simple explanation.

Milan blunders help Juve win Italian Cup
Two minutes later, Benatia got his second of the night to make it 3-0 for Juventus . We'll do this with Juventus administration.