#efail and PGP — What should I do?



Email is hard to secure. For years we’ve been trying to build security on top of email, such as through technologies like Pretty Good Privacy (PGP) and the open source implementation: GnuPG (GPG).

What happened

In the past 48 hours, there have been very scary looking reports recommending people switch off PGP in their email clients.

The TL;DR version of this post is:

If you’re worried about this attack being used against you:

A slightly more in-depth explanation for those interested follows below, and if you wish to see the discussion between the developers of GPG you can view it on their mailing list here.

What PI advocates

When giving training on Risk or Threat Modelling, we use slides similar to the ones shown below:

It’s important to remember that there’s no such thing as perfect security. Security is all about driving up the cost of attack — a sufficiently motivated attacker, with sufficient resources (including time, expertise, and money) will always get you eventually.

How it works

The way the recently revealed attack works is set out in the image below.

As you can see, not only does someone require access to your emails, but they also need to be able to change the ciphertext of that email so that when decrypted it follows a link to external content. There are several prerequisites for this attack to work:

This attack is incredibly “noisy”, relies on a non-standard setup of your email client, and requires some interaction from the user to even work. There are a couple of simple mitigations I have outlined above (turn off HTML rendering, make sure your client doesn’t load remote content by default).
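As an added illustration (not code from the article or from PI), this is what the "don't load remote content by default" mitigation amounts to, written as a check over a decrypted MIME message: it lists every URL an HTML-rendering client would fetch without user interaction, which is exactly the channel the attack depends on. The sample message, the `example.invalid` hosts and the `RemoteRefFinder`/`find_remote_loads` names are all constructed for this example.

```python
import re
from email import message_from_string
from html.parser import HTMLParser

# Tag/attribute pairs that make a mail client fetch a remote resource as soon as
# the HTML is rendered; this is the channel the attack needs, which is why
# "don't load remote content by default" (or no HTML rendering) closes it.
REMOTE_ATTRS = {"img": "src", "iframe": "src", "script": "src", "link": "href",
                "video": "src", "audio": "src", "source": "src", "object": "data"}
URL_IN_CSS = re.compile(r"(?:url\(\s*['\"]?|@import\s+['\"])(https?://[^'\")\s;]+)", re.I)

class RemoteRefFinder(HTMLParser):
    """Collect every http(s) URL that rendering the HTML would fetch automatically."""
    def __init__(self):
        super().__init__()
        self.remote_urls, self._in_style = [], False
    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        value = (attrs.get(REMOTE_ATTRS.get(tag, "")) or "").strip()
        if value.lower().startswith(("http://", "https://")):  # cid:/data: stay local
            self.remote_urls.append(value)
        self.remote_urls += URL_IN_CSS.findall(attrs.get("style") or "")  # inline CSS
        self._in_style = tag == "style"

    def handle_endtag(self, tag):
        self._in_style = False

    def handle_data(self, data):  # <style> blocks: url(...) and @import also load
        if self._in_style:
            self.remote_urls += URL_IN_CSS.findall(data)

def find_remote_loads(decrypted_mime: str) -> list:
    """Return every remote URL a client would fetch when rendering the text/html parts."""
    urls = []
    for part in message_from_string(decrypted_mime).walk():
        if part.get_content_type() == "text/html":
            finder = RemoteRefFinder()
            finder.feed(part.get_payload(decode=True).decode(part.get_content_charset() or "utf-8", "replace"))
            urls.extend(finder.remote_urls)
    return urls  # empty list == safe to render under the "no remote content" policy

# Constructed sample of a decrypted message (not from the article): a local cid: image
# (fine), a CSS background and an injected remote image tag (both flagged).
SAMPLE = """\
From: alice@example.invalid
Content-Type: text/html; charset=utf-8

<html><head><style>body { background: url(https://example.invalid/bg.png) }</style></head>
<body><img src="cid:logo@example.invalid"><p>Meet at the usual place at 9.</p>
<img src="https://example.invalid/beacon.png"></body></html>
"""
```

A client applying this policy would show the message body but fetch nothing until the user explicitly asks for remote content, so a modified ciphertext cannot leak its decrypted contents silently.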

By the time we see this being actively exploited in the wild, there will already be patches. Keep an eye out for updates, and install them as soon as they are released.

Why this is important

The suggested mitigation of “turning off PGP in your email client” forces you and anyone else you’re talking with to converse in clear text, which is an infinitely higher risk than such a highly targeted attack as described in this paper.

We at PI, our network of partners, and the wider human rights sphere make heavy use of PGP encrypted emails in order to do our jobs, and to communicate safely with people in vulnerable situations where they may be subject to arrest or worse based on what they do. Recommending they stop using one of the fundamental security underpinnings of their jobs based on a complex edge case is reckless at best.

We won’t be changing a single thing about our use of PGP — and we suggest that you don’t either.

Written by Privacy International

We fight for the right to privacy across the world. https://privacyinternational.org