Reply to post: It's quite telling, how this epic failure is downplayed

S/MIME artists: EFAIL email app flaws menace PGP-encrypted chats

Anonymous Coward
Anonymous Coward

It's quite telling, how this epic failure is downplayed

Both OpenPGP and SMIME standards are broken by bad design. The later completely, the first one due do later tacked on security-checking that wasn't always enforced and "warnings" still returned the encrypted text in any case.

And then the developer communities of OpenPGP implementations PGP, GPG vact like complete idiots by downplaying and bad mouthing the research, and even speaking in public before fixing the big issues, but denying to do so (despite their Twitter posts are still online).

And why is there such a big push to HTTPS? And why is there no push to encrypted email? Everything around encrypted HTTP and email gets to a bigger clusterfuck by the day. Especially why now? What has changed in 2017/18, that we suddenly need HTTPS and not encrypted mails at all. Some big power somewhere wants to see HTTPS everywhere and no email encryption anywhere.

What we definitely need is a new next gen TLS alternative without hidden backdoors, and it should be used for HTTPS and encrypted mail transfer.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon