The additional Enigmail release 1) blocks decrypting very old e-mails entirely (because those use old obsolete crypto that is always vulnerable), and 2) adds extra mitigations to the network leaks (but the only one the researchers found in Thunderbird is already patched).
This was already mitigated sufficiently months ago, and now we're just doubling down on everything because with all the FUD flying around nobody wants to give people more excuses to shout "PGP email is broken!!1!"
This thing was coordinated so poorly that nobody, not even the researchers, seems to know what was patched when, and everyone was caught off guard with announcements. But if you *actually* dig up the bug reports and commits, no up-to-date Enigmail+Thunderbird was vulnerable.
Refs:
- Thunderbird patch for HTML request leak: https://hg.mozilla.org/releases/comm-release/rev/6e229daf13cc … (fixed in 52.7.0)
- Enigmail bug for malleability (fixed in 2.0): https://sourceforge.net/p/enigmail/bugs/721/ …
- Thunderbird S/MIME leak fix (upcoming in next release): https://hg.mozilla.org/releases/comm-release/rev/6f5d2abfedc9 …
End of conversation
New conversation
No, Thunderbird and Enigmail are *not* fixed. I saw a demo of Efail exfiltration work last week on fully updated versions of Thunderbird and Enigmail. Thanks to @hanno for publicly confirming today what the original researchers have said since Monday. https://twitter.com/hanno/status/997138771194859521 …