Hector Martin

Since the Efail guys and @EFF are failing at actually documenting mitigations, here they are: - Use Enigmail 2.0 or later - Use Thunderbird 52.7.0 or later That's it. That fixes both the GPG issue and the back channels. If you've been running up to date software, *you're fine*.

If you're paranoid or running older Thunderbird, set network.http.speculative-parallel-limit=0 and network.dns.disablePrefetch=true. The former is already set on the latest version, the latter isn't but I wasn't able to reproduce it, so I assume they fixed it a different way.

Note that *either update* to Enigmail or Thunderbird is sufficient to mitigate; the exploit relies on *both* (for GPG anyway, but nobody uses S/MIME, right?). But you want the Thunderbird update/config fix for privacy reasons anyway (otherwise mail trackers could work).

Oh and of course don't enable autoloading remote content and don't manually override it, since that of course defeats the whole purpose of the back-channel fixes. But if you're using encryption you're already privacy-conscious enough to not do something silly like that, right?

Looks like the DNS prefetch issue was a screwup by the Efail authors. They listed it as a problem in the preprint provided to Enigmail, but the final paper doesn't have it, and as far as I can tell that's been fixed for 8 (!) years. So yeah. Just one leak in old TB (preconnect).

Another important timeline tidbit: GPG has been failing with an error (not a warning) in cases of missing MDC since 2.1.9 (released in 2015). So as long as you have a version newer than that (and the client honors errors) you're fine too, e.g. for most commandline users.