schemeJan 10
I was suspicious from the start about the #GPGfail talk at #39C3, because Lexi manages to actually verify Fedora GPG signatures. In its default config, GPG on Fedora doesn't even find the system keys needed to verify its own install image (despite them clearly being available because DNF works).
Lars FischerJan 7

Aufgrund der schwerwiegenden Sicherheitslücken die unter https://gpg.fail aufgeführt sind, habe ich mich heute gezwungen gesehen eine Warnung vor GnuPG in meinem Tutorial anzubringen.
https://informatik.hs-bremerhaven.de/lafischer/tutorials/2023-11-20-gnupg.html

Als wirklich langjähriger Nutzer von GnuPG und aktiver Don Quichotte für Email-Verschlüsselung und -Authentizität finde ich das eine sehr betrübliche Situation.

Nach Alternativen für meine Toolchain schaue ich mich gerade um. Erster Kandidat ist #sequoia (https://sequoia-pgp.org/). Und auf den ersten Blick bin ich schon mal davon erfreut, dass ich dort DANE direkt unterstützt sehe.

Kann jemand andere OpenPGP-Werkzeuge empfehlen? Und warum?

#gpgfail

gpg.fail

Show threadwrJan 4

@smp Let's see it in action

Fake content injection

$ python3 gpg_injector.py --input plain_public_key.asc --script designs/fake_key_summary.py --output result_key.asc --text "pub rsa2048 2011-09-20 [SC]
ABAF11C65A2970B130ABE3C479BE3E4300411886
uid Linus Torvalds <torvalds@kernel.org>
uid Linus Torvalds <torvalds@linux-foundation.org>
sub rsa2048 2011-09-20 [E]"
Success! Saved to: result_key.asc
$

Result key file inspection shows the fake content only

$ cat result_key.asc | gpg -q
pub rsa2048 2011-09-20 [SC]
ABAF11C65A2970B130ABE3C479BE3E4300411886
uid Linus Torvalds <torvalds@kernel.org>
uid Linus Torvalds <torvalds@linux-foundation.org>
sub rsa2048 2011-09-20 [E]
$

The original text content is still there, just not visible. You can still see it by filtering out control characters

$ cat result_key.asc | gpg -q | col
pub rsa2048 2011-09-20 [SC]
ABAF11C65A2970B130ABE3C479BE3E4300411886
uid Linus Torvalds <torvalds@kernel.org>
uid Linus Torvalds <torvalds@linux-foundation.org>
sub rsa2048 2011-09-20 [E]
pub ed25519 2026-01-02 [SC]
3CFD7AF324A5BF9338E1FC51CAA66F0A6240D4F4
uid Demo User <smp@chaos.social>
sub cv25519 2026-01-02 [E]
$

The key file is still valid:

$ gpg --import result_key.asc
gpg: key CAA66F0A6240D4F4: "Demo User <smp@chaos.social>" not changed
gpg: Total number processed: 1
gpg: unchanged: 1
$ gpg --list-public-keys 3CFD7AF324A5BF9338E1FC51CAA66F0A6240D4F4
pub ed25519 2026-01-02 [SC]
3CFD7AF324A5BF9338E1FC51CAA66F0A6240D4F4
uid [ unknown] Demo User <smp@chaos.social>
sub cv25519 2026-01-02 [E]

$

And obviously, the fake key never existed

$ gpg --list-public-keys ABAF11C65A2970B130ABE3C479BE3E4300411886
gpg: error reading key: No public key
$

#gpg #gnupg #gpgfail

FreePG ProjectJan 1

#GnuPG 2.4.9-freepg has been released.

It contains all the latest bug fixes from upstream GnuPG, plus the usual FreePG patches.

In addition, a fix for the default filename path traversal issue identified by #gpgfail has been backported from upstream 2.5.16 (https://gpg.fail/filename)

https://gitlab.com/freepg/gnupg/-/releases/gnupg-2.4.9-freepg

gpg.fail

bugrasanDec 29
interesting findings, still unfixed and makes me wonder how it has been dealt with some of the bugs. overall a refreshing perspective about #gpgfail and its ecosystem.
https://media.ccc.de/v/39c3-to-sign-or-not-to-sign-practical-vulnerabilities-i
terrorist :: FelineDec 28

Lots of vulnerabilities in #gpg posted

gpg.fail
https://gpg.fail/

#gpgfail #pgp #encryption #cybersecurity #vulnerability #cve

gpg.fail

Show threadDelta ChatDec 28
@jan once details are published, and #39c3 is over, well take another look. But note that #deltachat's usage of #openpgp is intentionally minimal. #Gpgfail is a lot about failures of signature verification, and parsing problems in the gpg c-implementation but #deltachat doesn't use these mechanisms or code at all. The @rpgp folks are still studying the details, and there might be issues, so maybe also follow them for more details. Again, this doesn't affect deltachat as things stand.
Delta ChatDec 28

Relax 😎! GPG is not OpenPGP!

Yesterday, vulnerabilities were published https://gpg.fail but they don't affect #deltachat or other #chatmail clients because

A) We never used #gnupg for anything; we use the modern #rustlang #openpgp implementation @rpgp, security audited multiple times.

B) #openpgp is fine, as modernized in #RFC9580, which already warns against several #gpgfail issues (gpg didn't implement that spec)

Please spread the word that #gpg is not #openpgp ... Thanks! #39c3

gpg.fail

Euph0r14Dec 27

The #39c3 #gpgfail VOD is now live!

Truly insane to have so many exploits, and that there are several wontfix

https://media.ccc.de/v/39c3-to-sign-or-not-to-sign-practical-vulnerabilities-i

To sign or not to sign: Practical vulnerabilities in GPG & friends

media.ccc.de
urxDec 27
#gpgfail war ein guter Nerdvortrag. Bissi schnell, aber es gab auch viele Findings. Eloquente Speaker. #39c3