🔒 I waited 4 years for Mailfence. Here's why it failed:

99% of emails unencrypted (manual PGP setup required, zero user guidance)
Closed-source = zero verification
No E2EE for calendar/contacts
OpenPGP EFAIL vulnerabilities remain exploitable
Metadata still fully exposed

EU jurisdiction ≠ cryptographic protection.
Privacy theater is still theater. You deserve better.
Full technical analysis: https://open.substack.com/pub/kaifisahil/p/i-waited-4-years-for-mailfence-heres?r=6p8e80&utm_campaign=post&utm_medium=web&showWelcomeOnShare=true

#Privacy #EmailSecurity #OpenPGP #EFAIL #InfoSec #PrivacyTools

I Waited 4 Years for Mailfence. Here's What I Found.

A privacy enthusiast’s technical breakdown of why this “secure” email service fails to deliver on its promises — and why 99% of users’ emails remain completely unencrypted.

The Breakwater
How To Turn PGP Back On As Safely As Possible

UPDATE: Enigmail and GPG Tools have been patched for EFAIL. For more up-to-date information, please see EFF's Surveillance Self-Defense guides. Previously, EFF recommended to PGP users that, because of new attacks revealed by researchers from Münster University of Applied Sciences, Ruhr University...

Electronic Frontier Foundation

E-Mails: Not Safe For Work?

What if your emails aren't as secure as you think? Ever heard of #EFAIL? Because even end-to-end encryption can be cracked. David and Béla explain it in #Softwarekatastrophen
17 Feb, 9 a.m.

https://www.campusradio-karlsruhe.de/2023/02/16/e-mails-not-safe-for-work/

E-Mails: Not Safe For Work? – Campusradio Karlsruhe

@laplace You can, but to a point #EFAIL (https://efail.de/) has demonstrated why that's a brittle way to handle the issue.

There are also other issues with #GPG's quality as a cryptographic implementation (part of those design flaws being inherent to #PGP).

I haven't given its code enough of a look-over, but #NNCP (https://nncp.mirrors.quux.org/) seems like a viable method (https://nncp.mirrors.quux.org/UsecasePOP.html) that is also simpler (https://www.complete.org/nncp/).

#email #AsynchronousCommunication

EFAIL

It's been 3 years since the #EFAIL disclosure, and I'm still impressed with the attack.
Security vulnerability: attackers can leak encrypted PDF data www.golem.de/news/sicherheitsl
 #PDF #Datensicherheit #Efail #Passwort #Sicherheitslücke #Verschlüsselung #Server #Technologie #Security
Security vulnerability: attackers can leak encrypted PDF data - Golem.de

Password-protected PDF files offer little security. An attacker who can manipulate the files can cause their contents to be leaked. As for a remedy, there is

After #CCCamp19, I made some important #OpenPGP / #EFail related security fixes to the #Mailpile master branch and nightly packages.

I blogged about the what and the why, here: https://www.mailpile.is/blog/2019-08-31_CCCamp_EFail.html
Mailpile: CCCamp19 and further EFail mitigations

Today's #35C3 talk recommendation is rather technical: "Attacking end-to-end email encryption" -- #EFail explained:
https://media.ccc.de/v/35c3-9463-attacking_end-to-end_email_encryption
Attacking end-to-end email encryption

media.ccc.de
I’m the Signal Angel for the #35c3 #hallA talk “Attacking end-to-end email encryption” about #efail. If you have questions for the speaker please mention me/use the hall hashtag and I’ll relay them during Q&A.

We have a new Leiva concert in Sevilla, do you want to see the preview?

https://youtu.be/NuwtNkvbCZk

#nodejs #efail