Monday, May 14, 2018

New concerns surface concerning vulnerabilities in email encryption standards



Electronic Frontier Foundation has sent out an advisory regarding vulnerabilities in various implementations of PGP encryption on various email platforms. The article is by Erica Portnoy, Danny O’Brien, and Nate Cardozo. 

Some of the vulnerabilities could enable an attacker to access other encrypted emails you have sent.
A lot of the public may not feel that this issue is as important as some others.  Most of us need to encryption standards when we deal with financial institutions to buy new products (like annuities) or go through real estate closings and need to do a lot of Docusigns.

One problem seems to be that some of the vulnerabilities could be activated merely by opening an email with html enabled, even without opening attachments. 

The IT departments of insurance companies and banks will be kept especially busy

No comments: