techkenyot.com
techkenyot.com August 19, 2018


New encryption vulnerability means email is no longer secure

14 May 2018, 06:15 | Edward Lowe

New encryption vulnerability means email is no longer secure

PSA PGP and S  MIME are broken and leaking encrypted emails – stop using them right now

The researchers have already contacted email service providers through the Electronic Frontier Foundation.

A more detailed explanation and analysis will be forthcoming once the research is formally released tomorrow, but the vulnerabilities are thought to affect both PGP and the S/MIME public key encryption standard.

Professor Sebastian Schinzel took to Twitter with the news early on Monday, European time.

He said the vulnerabilities "might reveal the plaintext of encrypted emails, including encrypted emails sent in the past" and that there are no current fixes available.

Jose backs Carrick for assistant's role
I've got a lot of memories now to cherish and some I'll never forget, especially at this place. After victory over Watford, the manager said: "No, at the moment he is my assistant".

EFF said in a blog post that users should uninstall PGP until the flaw is patched.

Attackers who exploit the vulnerability are able to change an encrypted email in a certain way and send then send the altered encrypted email to the victim.

Another way would be to use authenticated encryption via tools such as OpenPGP, he argued. Because a full block of plaintext-the researchers cite S/MIME emails starting with "Content-type: multipart/signed" as one-is known to the attacker, this allows the attacker to "repeatedly [append] CBC gadgets to inject an image tag into the encrypted plaintext".

PGP is often used to encrypt messages in popular email programs such as Outlook, Apple Mail, Thunderbird, and Enigmail.

Iraq PM says to impose security in Kirkuk after riots
Sadr's father, highly respected Grand Ayatollah Mohammed Sadeq al-Sadr, was murdered in 1999 for defying Saddam Hussein. Parliament must approve the government programme and each individual minister in separate absolute majority votes.

Though researchers are warning users of the seriousness of the vulnerability, many believe it is being hyped too much.

In a tweet, Koch said the vulnerability is primarily in the email clients and not in the protocols. In the meantime, they are recommending that users stop using OpenPGP and S/MIME for now.

Of course, if you recognise the need to secure encrypt your communications you probably also understand that resorting to sending and receiving unencrypted email is far from an acceptable solution.

However, to address this risk, experts have come up with a chip that uses ionic memristor technology to address security concerns. According to the researchers, the said technology can be seen as an electrical resistance switch, which can "remember" its state of resistance due to the history of applied voltage and current.

Mercedes-AMG GT S Roadster revealed
In the standard model, this produces 469 hp and 465 lb-ft of torque, while the C version ups the ante to 550 hp and 502 lb-ft. Mercedes-AMG is already taking orders for the new GT S Roadster , with the market launch scheduled for July 2018.



Other News

Trending Now

Prince Philip seen for the first time since hip replacement surgery
Prince Philip retired from public life last fall, delegating his charities and organizations to his children and grandchildren. When Queen Elizabeth first visited the Duke and Duchess of Cambridge at their country home in Norfolk, she was left "shocked".

Italy's M5S and League parties poised to name a prime minister
The two parties were set to present their "government of change" to Mattarella on Monday instead. Outside the presidential palace in Rome.

Marvel Fan Comes up With Perfect MCU Introduction for Ms. Marvel
Aside from the fact that the project is in the works, details are scarce regarding how Khan will make her entrance into the MCU. WASHINGTON-It looks like Ms Marvel is finally one step closer to joining the MCU.

North Carolina's bishop Curry to preach homily at royal wedding ceremony
That said, Welby had nothing but nice words to say about Curry when the announcement of his inclusion was made. Prince Harry and Meghan Markles relationship is transatlantic, and now their wedding ceremony will be too.

Mancini to sign Italy contract Tuesday
Mancini also revealed that that he now had no agreement with the Italian team and could not confirm he would be named to the post.

Xerox terminates merger deal with Fujifilm
The move came after the deal prompted a proxy fight from Icahn and Deason, who argued that the merger terms undervalued Xerox. Together, Icahn and Deason reportedly own over a tenth of the ~US$8 billion company.

Iran seeks 'clear future design' for imperilled nuclear deal
The International Atomic Energy Agency (IAEA) has repeatedly confirmed that Tehran has been meeting its nuclear commitments fully. Tehran said it will preserve the 2015 nuclear deal with Russian Federation despite Washington's decision to withdraw.

Meghan Markle Lego figure causes uproar
The team even created 500 spectators and celebrity lookalikes including Sir Elton John and 90s pop icons the Spice Girls. George's Chapel in the grounds of Windsor Castle, about 20 miles west of central London.

IPL 2018: Rajasthan Royals Defeat the Mumbai Indians
He conceded only 16 runs from his four overs and dismissed Lewis and Suryakumar and Rohit Sharma (0) in successive balls. The fluffed chances allowed Mumbai Indians to come out of Power-play overs unscathed and with 51 runs on the board.

Samsung Galaxy Note 9 unlikely to feature in-display fingerprint sensor
The mid-segment devices will be powered by the Qualcomm Snapdragon 660 processor coupled with 4GB RAM and 64GB expandable storage. The phones have already passed through Bluetooth SIG certification confirming the Bluetooth support in the phones.