The flaws affect S/MIME and OpenPGP, two technologies that e-mail programs often use to protect data.
The news: Ars Technica reports that security researchers in Germany have uncovered a way to decrypt e-mails that rely on the above techniques. They released their findings under the banner “Efail” in a paper published today.
The hacks: These essentially work by inserting manipulated text into an e-mail that’s been intercepted by hackers, and then sending it on to the unsuspecting recipient. Once the victim opens it, the malicious code tricks the program into sending a plain-text version back to the hacker. The researchers say new and archived e-mails are vulnerable.
Don’t settle for half the story.
Get paywall-free access to technology news for the here and now.