BY GENNIE GEBHART
A group of researchers recently released a paper that describes a new class of serious vulnerabilities in the popular encryption standard PGP (including GPG) as implemented in email clients. Until the flaws described in the paper are more widely understood and fixed, users should arrange for the use of alternative end-to-end secure channels, such as Signal, and temporarily stop sending and especially reading PGP-encrypted email. See EFF‘s analysis and FAQ for more detail.
Related articles
- The tools you’ve been using to secure your emails have a flaw – here’s what you should use to send secure messages (businessinsider.com)
- How to Prevent BEC With Email Security Features (resources.infosecinstitute.com)
- Signal could get kicked out of Amazon Web Services (techcrunch.com)