National: Email No Longer a Secure Method of Communication After Critical Flaw Discovered in PGP | Gizmodo
If you use PGP or S/MIME for email encryption you should immediately disable it in your email client. Researchers have discovered a critical vulnerability they’re calling EFAIL that exposes the encrypted emails in plaintext, even for messages sent in the past. “Email is no longer a secure communication medium,” Sebastian Schinzel, a professor of computer security at Germany’s Münster University of Applied Sciences, told the German news outlet Süddeutschen Zeitun. The vulnerability was first reported by the Electronic Frontier Foundation (EFF) in the early hours of Monday morning, and details were released prematurely just before 6am ET today after Süddeutschen Zeitun broke a news embargo. The group of European researchers are warning people to stop using PGP entirely and say that, “there are currently no reliable fixes for the vulnerability.” You can read more about what the researchers are calling the EFAIL vulnerability at https://efail.de/.