- My thoughts about Efail are a bit more nuanced.
- First off, the real story here is the insecurity of S/MIME. That protocol is used by a huge number of firms handling confidential and classified email. The fact that this protocol — and Microsoft Outlook — are broken is a really big deal. There have been several breaches of defense contractors here in the US, and I’m sure that similar hacks have occurred in Europe. It’s a very big problem that our “main” corporate encrypted email protocol is this weak.
- Regarding PGP:
- In general, I think it’s much more useful to look at the overall security of a system, rather than trying to assign blame to different components. The PGP “community”, by which I mean a collection of open source developers on GnuPG and other client projects, have spent a lot of time trying to assign blame. This isn’t very interesting to me.
- The fact of the matter is that Efail is a very serious bug that occurs across a large number of different email clients. It enables total decryption of email messages, something that absolutely should not be possible in 2018. Even worse, the flaws that cause Efail have been well known since at least 2000-2001. The fact that this is occurring in so many different email clients indicates, to me, that the PGP tool development community is not pursuing cryptographic security to the extent required of a serious encryption tool.
- Rather than ask “who to blame”, I’d say: ask *why* this is occurring.
- The answer, it seems to me, is that nobody is really *leading* the PGP community in any way. Leadership in this sense means somebody who is in a position of influence, who works on various projects, and who uses and communicates with other developers in the space. This person would be aware when clients are doing things improperly, and would say something about it. If possible they would modify their own tools to ensure that third party clients can’t misuse them. Other open source encryption projects like TLS have the IETF and a handful of strong experts in corporate positions. PGP doesn’t really have anything comparable.
- A natural location for this kind of leadership would be the GnuPG project, which is a tool that most of these systems use. But the managers of the GnuPG project have mostly decided that this is somebody else’s problem. And they’ve made that clear in the way they responded to Efail.
- In the absence of clear security leadership, my view is: take very good care using this ecosystem. Because unless you’ve extensively reviewed all of the tools that you’re using, you can’t be sure that they will interact safely together, since nobody else is checking their work. And even if *you* get everything right, you’re not safe unless you make sure that all of your communication partners are also using safe toolchains. In my opinion, this is very hard to get right. And so, until this changes substantially, I wouldn’t trust the PGP ecosystem for extremely sensitive communications.