› Foros › Noticias › Tecnología
Since the Efail guys and @EFF are failing at actually documenting mitigations, here they are:
- Use Enigmail 2.0 or later
- Use Thunderbird 52.7.0 or later
That's it.
STeNYaK escribió:Lleva arreglado un tiempo ya:Since the Efail guys and @EFF are failing at actually documenting mitigations, here they are:
- Use Enigmail 2.0 or later
- Use Thunderbird 52.7.0 or later
That's it.
(sacado de https://twitter.com/marcan42/status/996275862273081344 )
What is this about and how is KMail affected? (Spoiler: KMail users are safe by default.)
Alejo I escribió:Interesante, Actualizo la noticia. En cualquier caso, ¿no están otros clientes afectados?. Entiendo por el sitio de EFAIL que hay literalmente decenas.
STeNYaK escribió:Alejo I escribió:Interesante, Actualizo la noticia. En cualquier caso, ¿no están otros clientes afectados?. Entiendo por el sitio de EFAIL que hay literalmente decenas.
Hasta donde yo se (que no es mucho!), las vulnerabilidades (o mas bien bugs) en todo caso estan en algunos clientes de correo, y no en los sistemas de cifrado en si.
coyote escribió:What is this about and how is KMail affected? (Spoiler: KMail users are safe by default.)
https://dot.kde.org/2018/05/15/efail-and-kmail
Alejo I escribió:coyote escribió:What is this about and how is KMail affected? (Spoiler: KMail users are safe by default.)
https://dot.kde.org/2018/05/15/efail-and-kmail
¿Detecto un fan de KDE por ahí?
Our advice, which mirrors that of the researchers, is to immediately disable and/or uninstall tools that automatically decrypt PGP-encrypted email. Until the flaws described in the paper are more widely understood and fixed, users should arrange for the use of alternative end-to-end secure channels, such as Signal, and temporarily stop sending and especially reading PGP-encrypted email.