[chiglug] EFF: Temporally Stop Using PGP for Encrypted E-mail

eviljoel eviljoel at linux.com
Tue May 15 01:04:09 UTC 2018


Greetings,

There is a newly discovered vulnerability in PGP that allows attackers
to decrypted prior messages under certain conditions. The Electronic
Frontier Foundation (EFF) is recommending people stop using PGP for
encrypted communications until the problem has been fixed and the fix
has had time to be adopted by most users. I agree with their
recommendation. The EFF describes the vulnerability here:

https://www.eff.org/deeplinks/2018/05/not-so-pretty-what-you-need-know-about-e-fail-and-pgp-flaw-0

I kinda disagree with the EFF's tone in this e-mail. While Signal is a
great platform for text messaging and instant messaging, it really isn't
a replacement for e-mail. PGP encrypted E-mail works better with
threaded discussions and doesn't suffer from a single point of failure
like Signal does. Coming up with a new, decentralized discussion
platform with the same adoption rate of PGP/e-mail will be extremely
difficult. I hope that this problem is fixed quickly and doesn't mark
the end of PGP e-mail encryption.

Sincerely,
eviljoel

-- 
Let me teach you encrypted e-mail. eviljoel's PGP fingerprint:
A2BE 2D12 24D1 67CA 8830  DDE7 DFB3 676B 196D 6430



More information about the discuss mailing list