<a href="https://protonmail.com/blog/pgp-vulnerability-efail/">https://protonmail.com/blog/pgp-vulnerability-efail/</a> <br><br>Protonmail vehemently disagrees, and I think their reasoning is sound. <br><br><br><br><br><br><br>-------- Original Message --------<br>On May 14, 2018, 20:04, eviljoel < eviljoel@linux.com> wrote:<blockquote class="protonmail_quote"><br><html><head></head><body>Greetings,<br><br>There is a newly discovered vulnerability in PGP that allows attackers<br>to decrypted prior messages under certain conditions. The Electronic<br>Frontier Foundation (EFF) is recommending people stop using PGP for<br>encrypted communications until the problem has been fixed and the fix<br>has had time to be adopted by most users. I agree with their<br>recommendation. The EFF describes the vulnerability here:<br><br><a href="https://www.eff.org/deeplinks/2018/05/not-so-pretty-what-you-need-know-about-e-fail-and-pgp-flaw-0">https://www.eff.org/deeplinks/2018/05/not-so-pretty-what-you-need-know-about-e-fail-and-pgp-flaw-0</a><br><br>I kinda disagree with the EFF's tone in this e-mail. While Signal is a<br>great platform for text messaging and instant messaging, it really isn't<br>a replacement for e-mail. PGP encrypted E-mail works better with<br>threaded discussions and doesn't suffer from a single point of failure<br>like Signal does. Coming up with a new, decentralized discussion<br>platform with the same adoption rate of PGP/e-mail will be extremely<br>difficult. I hope that this problem is fixed quickly and doesn't mark<br>the end of PGP e-mail encryption.<br><br>Sincerely,<br>eviljoel<br><br>-- <br>Let me teach you encrypted e-mail. eviljoel's PGP fingerprint:<br>A2BE 2D12 24D1 67CA 8830  DDE7 DFB3 676B 196D 6430<br><br>_______________________________________________<br>discuss mailing list<br>discuss@lists.chicagolug.org<br><a href="https://lists.chicagolug.org/mailman/listinfo/discuss">https://lists.chicagolug.org/mailman/listinfo/discuss</a><br></body></html></div>