back to article SecurEnvoy SecurMail, you say? Only after this patch is applied, though

Recently resolved vulnerabilities in SecurEnvoy's encrypted email transfer SecurMail created a way for encrypted emails in users' inboxes to be read, overwritten and deleted by others. The flaws – uncovered by Austrian security firm SEC Consult during a crash test – included cross-site scripting, cross-site request forgery, …

Baking in encryption does not mean something is secure. Who'd have thought?

1
0
Anonymous Coward

Messages readable in plaintext from the server? Authentication bypass?

Sounds like a regular IMAP server using TLS is far more secure than this. Especially if you use PGP on top of it.

2
0

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Forums

Biting the hand that feeds IT © 1998–2018