Encrypting your emails with PGP or S/MIME may no longer be the most secure option.
In certain situations, you can break the encryption and reveal the contents of your supposedly private emails, according to a team of researchers in Europe, who published a paper detailing how to pull plain text from emails secured with PGP or S/MIME encryption.
The researchers dubbed the flaw “EFail,” and say it affects over a dozen email clients, such as Apple Mail, Microsoft’s Outlook, and Thunderbird, which either support a plugin tool or use a native standard for their encryption.
To exploit the flaw, you need a copy of the victim’s encrypted emails. The researchers discovered you can actually alter the encrypted email with some computer code to trigger an HTML process that’ll decrypt it.
“In a nutshell, EFAIL abuses active content of HTML emails, for example externally loaded images or styles, to exfiltrate plain text through requested URLs,” the researchers write.
Once altered, the encrypted email can be sent back to the victim’s email client, which will mistakenly decrypt the contents inside and send the information to the attacker’s server via a URL request.
The researchers warn that journalists, political activists, and whistleblowers face the most risk from the flaw; for years, PGP has been a go-to tool to secure sensitive emails with a form of end-to-end encryption, with S/MIME acting as an alternative. In contrast, mainstream email clients simply process and store your messages using plain text.
That said, PGP isn’t exactly popular. The encryption standard was developed in 1991 and means “Pretty Good Privacy.” However, it’s notoriously hard to use. Even PGP’s original developer reportedly avoids it.
Critics have also been quick to cast doubt on the severity of the EFail vulnerability, noting that the hack isn’t easy to pull off.
The security flaw may also also represent more of a problem with PGP implementation than any bug with the encryption standard. For instance, ProtonMail, an email client that supports a version of PGP, is not affected.
“The real vulnerability is implementation errors in various PGP clients,” ProtonMail tweeted on Monday. Headlines claiming “PGP is vulnerable” are inaccurate, the email service added.
Werner Koch, the developer behind GNU Privacy Guard (GnuPG), an open-source PGP software suite, was also critical of the research. “It is long known that HTML mails and in particular external links … are evil,” he wrote on Monday.
The Electronic Frontier Foundation, on the other hand, is urging users to disable or uninstall PGP email plugins until the EFail threat is more widely understood. “Instead, use non-email based messaging platforms, like Signal, for your encrypted messaging needs. Use offline tools to decrpt PGP messages you have received in the past,” the group said.
The EFF also notes that the EFail vulnerability will probably spark debate over the security around both encryption standards. But in the meantime, affected email clients are preparing patches to address the flaw.
The Thunderbird project told PCMag it’s already testing a fix that it expects to roll out at the end of the week. GPGTools, another provider of the encryption software, also said an update is coming this week to mitigate the flaw.
For PGP users, the researchers created a page with more information on how you can protect yourself from the EFail threat. They warn that the flaw won’t be fully fixed until the IT community updates the PGP and S/MIME standards.
