[Autocrypt] EFF/EFAIL and Autocrypt

holger krekel holger at merlinux.eu
Tue May 15 07:08:27 EDT 2018

Hello autocrypt folks,

many of you have heard of the EFAIL vulnerabilities 
as communicated by the EFF.

To the best of current knowledge, the three released
Autocrypt-supporting user-facing mail apps are affected
in the following way:

- Enigmail is not affected since version 2.0 (released in March 2018).
  However, there is still an open vulnerability in Thunderbird, 
  therefore we recommend that you view messages as plain text 
  (menu View > Message Body as > Plain text).

- K-9 Mail/Android was never affected

- Delta.chat was never affected

That being said, we will monitor the situation and related security
discussions and inform here on any new insights, and remain
alert to update our mail software if needed. If you use other mail
programs with PGP support, it's probably a good idea to:

1. Turn off loading of external resources. This is a recommended 
   practice for privacy reasons anyway as this can be used 
   for remote tracking purposes.

2. Turn off automatic HTML rendering of messages 
   unless you really need it.

3. Check if the app or addons you are using
   for PGP are up to date and follow the advice
   of the respective developers.

It's also always a good idea to use a 
reliable and trustworthy e-mail provider. 
After all, the attack requires both of

a) someone possessing recorded encrypted e-mail messages

b) injecting a new mangled recorded message to your incoming mail processing.

An attempted attack would probably show up in your mail INBOX and thus
not go unnoticed. An attacker with access to a recorded encrypted
message can turn it into a new message that, when decrypted and displayed
as HTML with a vulnerable client, will reveal the content of the
encrypted message to them. Third parties (other than the e-mail provider)
do not usually have access to a person's e-mail messages
and thus cannot carry out the attack.
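The two settings recommended above (no external resource loading, no automatic HTML rendering) are what keep a decrypted message from contacting an attacker-controlled server. The following is an added example, not code from the Autocrypt post or from any of the listed mail apps: a defender-side check, using only the Python standard library, that lists every remote resource an HTML mail body would fetch when rendered (image sources, stylesheets, CSS url() references, and so on). A client or a mail-filtering hook can use such a check to refuse to render a decrypted HTML part, or to flag it for review, before any network request is made. The sample HTML body at the bottom is constructed for the example and uses the reserved domain example.invalid.

```python
"""Added example (not from the Autocrypt post): enumerate the external
resources an HTML mail body would load when rendered, so a client can
refuse to render decrypted content that would phone home."""
from html.parser import HTMLParser
import re

# Tag -> attributes whose value is fetched from the network when rendered.
REMOTE_ATTRS = {
    "img": ("src", "srcset"),
    "link": ("href",),
    "script": ("src",),
    "iframe": ("src",),
    "audio": ("src",),
    "video": ("src", "poster"),
    "source": ("src",),
    "object": ("data",),
    "embed": ("src",),
    "input": ("src",),
    "body": ("background",),
    "table": ("background",),
    "td": ("background",),
}
# url(...) tokens inside CSS, with or without quotes around the URL.
CSS_URL = re.compile(r'url\(\s*["\']?([^"\')]+)', re.IGNORECASE)
# Only network schemes count; cid: and data: URIs resolve locally.
REMOTE_SCHEME = re.compile(r"^(https?:|ftp:|//)", re.IGNORECASE)


class ExternalResourceFinder(HTMLParser):
    """Collects (tag, attribute, url) for every remote load in the body."""

    def __init__(self):
        super().__init__()
        self.refs = []
        self._in_style = False

    def _add(self, tag, attr, url):
        url = url.strip()
        if REMOTE_SCHEME.match(url):
            self.refs.append((tag, attr, url))

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        if tag == "style":
            self._in_style = True
        for name in REMOTE_ATTRS.get(tag, ()):
            if attrs.get(name):
                self._add(tag, name, attrs[name])
        # Inline style="background:url(...)" also triggers a fetch.
        if attrs.get("style"):
            for url in CSS_URL.findall(attrs["style"]):
                self._add(tag, "style", url)

    def handle_endtag(self, tag):
        if tag == "style":
            self._in_style = False

    def handle_data(self, data):
        # HTMLParser hands <style> contents to handle_data unchanged.
        if self._in_style:
            for url in CSS_URL.findall(data):
                self._add("style", "css", url)


def find_external_resources(html):
    """Return the list of (tag, attribute, url) remote loads in html."""
    parser = ExternalResourceFinder()
    parser.feed(html)
    parser.close()
    return parser.refs


def is_safe_to_render(html):
    """True only if rendering html triggers no network request at all."""
    return not find_external_resources(html)


# Constructed sample body: one local (cid:) image, which is fine, plus
# three remote loads that a hardened client must not perform.
SAMPLE_HTML = (
    '<html><head><style>p{background-image:url("https://example.invalid/s.png")}'
    '</style></head>'
    '<body style="background:url(https://example.invalid/bg.png)">'
    '<p>hello</p><img src="cid:logo@local">'
    '<img src="https://example.invalid/pixel.gif" width="1" height="1">'
    '</body></html>'
)

if __name__ == "__main__":
    for tag, attr, url in find_external_resources(SAMPLE_HTML):
        print(f"remote load via <{tag} {attr}>: {url}")
    print("safe to render:", is_safe_to_render(SAMPLE_HTML))
```

The check is deliberately conservative: anything with a network scheme is reported, while cid: references to attached parts and data: URIs are ignored because they never leave the client.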

Let us conclude that we find the general advice and communication from
the EFF to "stop using PGP" misleading. It caused a lot of fear and
uncertainty and pushes users in the direction of not using e-mail PGP
encryption where they still should and, as in the case of Autocrypt and
other clients, can safely do. It is also unhelpful and largely
impractical to recommend using Signal instead of e-mail.

Patrick (Enigmail),
Vincent (K-9 Mail),
Bjoern (Delta.chat),
Holger (muacrypt)
