Story 2014-09-10 2S8K Popular PGP Email add-on Enigmail addresses security gaps

by
in security on (#2S8K)
You might be familiar with Enigmail, the popular add-on to the Thunderbird email program that allows public-key encryption of email. If you haven't heard of it, it's worth investigating - Enigmail is an important upgrade to your email experience. And if you're already using it then you should upgrade, because several encryption flaws were found, and have recently been patched.
An Enigmail user who reported one of the encryption failures in version 1.7 on the project's support forum described the situation as "the biggest imaginable catastrophe."

"I am currently preparing a crypto class for journalists next week to teach them how to use safe email," the user wrote. "HOW am I going to explain that? A system tells the user in a separate window as well as in a menu line that everything will be encrypted but then it simply FORGOT to ENCRYPT and, ooops, their report will be intercepted and their source will be tortured?"
That's a bit hyperbolic perhaps. But it's still a good time to keep your encryption up to date. Unless you agree with security researcher Matthew Green, who thinks PGP sucks and it's time for it to die.

Replacement or increased use (Score: 1)

by hyper@pipedot.org on 2014-09-10 23:15 (#2S8Y)

Considering that PGP never got off the ground for the general population, perhaps this decade it will as phone users see the need for all communication across public networks to be private. Or, at least not easily read in clear text.
What would be good is to have pgp key generation as part of the phone setup and enabled by default in email and sms applications.

Disagree (Score: 0)

by Anonymous Coward on 2014-09-11 00:59 (#2S96)

I actually RTFA this time and completely disagree. There's nothing remotely hyperbolic about the vulnerabilities, the shameful lack of disclosure, or the teacher/journalist's quote.

Who goes to all the trouble of using e-mail encryption? The paranoid, hobbyists, and PEOPLE WHO REALLY NEED IT.

Of mother*(@#&%()& COURSE someone being tortured as a direct result of this false encryption is a very real possibility.

I've never used this particular plugin, in part since like most people I've given in to the inevitability of government surveillance over everything (and in part because its use actually draws attention, and most of all because no one else can read your mail to them without a major hassle on their part). But I am moderately shocked at how badly the developers handled this situation, if this report is to be believed....

1.7.2 unusable (Score: 2, Informative)

by seriously@pipedot.org on 2014-09-12 08:46 (#2SAA)

I've been using enigmail for years but the recent update to 1.7.2 made it unusable.

Besides being suddenly very slow, it is now saving *all* drafts as encrypted even the one sent to people not using PGP. I don't know what's going on, but the end result seems to be that if the mail I'm writing has embedded images (*not* distant online images, just inline in the flow of the text), as soon as it is auto-saved in the draft folder (after 2-3 minutes), the inline images become "broken" (white square with dead link symbol).

The solution I've seen so far? Don't use HTML in emails, just plain text. But that doesn't fit very well in my workflow of sending inline graphs with comments around.

I downgraded to 1.7 since I don't feel impacted by the bugs (I never used the encryption, only the signing) and it's working fine. I'll try to file a bug whenever I've time.

Sorry for the Friday morning's rant ... seriously :-)

Re: 1.7.2 unusable (Score: 0)

by Anonymous Coward on 2014-09-12 13:09 (#2SAN)

Is it still the best solution for Thunderbird/Seamonkey? I'm not getting a great feeling about these devs.

I guess there's always GPG command line...

Re: 1.7.2 unusable (Score: 1)

by seriously@pipedot.org on 2014-09-12 14:01 (#2SAV)

I don't know whether it's the best, but as far as I know it's the only one.

As for using GPG in command line, might as well use Mutt, it has GPG signing and encryption built-in :-)

Re: 1.7.2 unusable (Score: 0)

by Anonymous Coward on 2014-09-12 14:33 (#2SB0)

Cool, thanks for the reply. I was always afraid I'd end up using a console mail reader again some day. :)

Re: 1.7.2 unusable (Score: 1)

by zafiro17@pipedot.org on 2014-09-12 14:41 (#2SB2)

Welcome back! It's nice on the CLI mail reader front. I've never left it. If you need help with Mutt I can highly recommend my popular Woodnotes Guide to the Mutt Email Client (PDF, HTML versions). http://therandymon.com/index.php?/archives/198-Woodnotes-Guide-to-the-Mutt-Email-Client.html It gets pretty good reviews.

Re: 1.7.2 unusable (Score: 1)

by seriously@pipedot.org on 2014-09-12 14:59 (#2SB6)

I definitely switched to vim several months ago and feel so much better, give it a bit of time and you'll see me join the Mutt crowd soon enough :-)

Re: 1.7.2 unusable (Score: 2, Informative)

by seriously@pipedot.org on 2014-09-12 14:57 (#2SB4)

"Besides being suddenly very slow, it is now saving *all* drafts as encrypted"
Okay, in all honesty, it's highly likely that the slowness is because it is saving all the drafts and that the mail I was working on had several embedded figures making it quite heavy in size.

Still, this shouldn't happen. I disabled all the checkboxes and I'm not even using IMAP, so not a chance that the draft could leak to a distant server.

Re: 1.7.2 unusable (Score: 0)

by Anonymous Coward on 2014-09-12 18:08 (#2SBJ)

Honestly, from the linked article it sounds as if their entire development and, more importantly, testing model is a complete mess. I wouldn't feel comfortable trusting anything this application does.

First TrueCrypt and now this. Why are the important open source crypto teams so squirrelly?

Re: 1.7.2 unusable (Score: 1, Funny)

by Anonymous Coward on 2014-09-12 20:39 (#2SBZ)

you forgot OpenSSL of heartbleed fame ;-)