todsacerdotiDec 27

Gpg.fail

https://gpg.fail

gpg.fail

Show threadrurbanDec 27

Zero-days from the CCC talk https://fahrplan.events.ccc.de/congress/2025/fahrplan/event/...

But trust in Werner Koch is gone. Wontfix??

[39c3] To sign or not to sign: Practical vulnerabilities in GPG & friends

Beyond the underlying mathematics of cryptographic algorithms, there is a whole other layer of implementation code, assigning meaning to the processed data. For example, a signature verification operation both needs robust cryptography **and** ass...

39c3
Show threadcpach

To be frank, at this point, GPG has been a lost cause for basically decades.

People who are serious about security use newer, better tools that replace GPG. But keep in mind, there’s no “one ring to rule them all”.

Dec 27 at 6:06pmWeb
Show threadperching_aixDec 27
What are those better tools? I've been broadly looking into this space, but never ventured too deep.
Show threadsingpolyma3Dec 27
Sequoia for example has been doing a great job and implements the latest version of the standard which brings a lot of cryptography up to date
Show threadperching_aixDec 27
I'm yet to finish watching the talk, but it starts with them confirming the demo fraudulent .iso with sequoia also (they call it out by name), so this really makes me think. :)
Show threadtptacekDec 27
Sequioa hasn't fixed the attack from the beginning of the talk, the one where they convert between cleartext and full signature formats and inject unsigned bytes into the output because of the confusion.
Show threadameliaquiningDec 27
https://www.latacora.com/blog/2019/07/16/the-pgp-problem/#th... lists a bunch of them.
The PGP problem

The PGP problem

Latacora
Show threadp2detarDec 27

> Encrypting email

> Don't.

https://www.latacora.com/blog/2019/07/16/the-pgp-problem/#en...

I’m not sure I completely agree here. For private use, this seems fine. However, this isn’t how email encryption is typically implemented in an enterprise environment. It’s usually handled at the mail gateway rather than on a per-user basis. Enterprises also ensure that the receiving side supports email encryption as well.

edit: formatting

The PGP problem

The PGP problem

Latacora
Show threadtptacekDec 27
Your mail either needs to be encrypted reliably against real adversaries or it doesn't. A private emailing circle doesn't change that. If the idea here is, a private group of friends can just agree never to put anything in their subjects, or to accidentally send unencrypted replies, I'll just say I ran just such a private circle at Matasano, where we used encrypted mail to communicate about security assessment projects, and unencrypted replies happened.