Re: GnuPG efail - researcher discussion failure


Werner Koch <wk@...>
 

Hi!

On Tue, 15 May 2018 01:35, mcgrof@kernel.org said:

> The tone should therefore have been more about tons of MUAs needing fixing. But
> everything else seems hype.
Below is a mail I just sent to the gnupg-users list. I hope it shows a
bit of that overhyped thing by having a table easy to read in a mail.
The table is from draft 0.9.0 which was published yesterday at efail.de.


Shalom-Salam,

Werner

--8<---------------cut here---------------start------------->8---
Doesn't CERT read the paper before producing a report? The table of
vulnerable MUAs is easy enough to read. To better see what we are
discussing, here is the table in plain text format with the check marks
replaced by yes and no.

TABLE OF VULNERABLE MAIL CLIENTS

| OS      | Client          | S/MIME | PGP               |
|         |                 |        | -MDC | +MDC | SE  |
|---------+-----------------+--------+------+------+-----|
| Windows | Outlook 2007    | yes    | yes  | yes  | no  |
|         | Outlook 2010    | yes    | no   | no   | no  |
|         | Outlook 2013    | user   | no   | no   | no  |
|         | Outlook 2016    | user   | no   | no   | no  |
|         | Win. 10 Mail    | yes    | –    | –    | –   |
|         | Win. Live Mail  | yes    | –    | –    | –   |
|         | The Bat!        | user   | no   | no   | no  |
|         | Postbox         | yes    | yes  | yes  | yes |
|         | eM Client       | yes    | no   | yes  | no  |
|         | IBM Notes       | yes    | –    | –    | –   |
| Linux   | Thunderbird     | yes    | yes  | yes  | yes |
|         | Evolution       | yes    | no   | no   | no  |
|         | Trojitá         | yes    | no   | no   | no  |
|         | KMail           | user   | no   | no   | no  |
|         | Claws           | no     | no   | no   | no  |
|         | Mutt            | no     | no   | no   | no  |
| macOS   | Apple Mail      | yes    | yes  | yes  | yes |
|         | MailMate        | yes    | no   | no   | no  |
|         | Airmail         | yes    | yes  | yes  | yes |
| iOS     | Mail App        | yes    | –    | –    | –   |
|         | Canary Mail     | –      | no   | no   | no  |
| Android | K-9 Mail        | –      | no   | no   | no  |
|         | R2Mail2         | yes    | no   | yes  | no  |
|         | MailDroid       | yes    | no   | yes  | no  |
|         | Nine            | yes    | –    | –    | –   |
| Webmail | United Internet | –      | no   | no   | no  |
|         | Mailbox.org     | –      | no   | no   | no  |
|         | ProtonMail      | –      | no   | no   | no  |
|         | Mailfence       | –      | no   | no   | no  |
|         | GMail           | yes    | –    | –    | –   |
| Webapp  | Roundcube       | –      | no   | no   | yes |
|         | Horde IMP       | user   | no   | yes  | yes |
|         | AfterLogic      | –      | no   | no   | no  |
|         | Rainloop        | –      | no   | no   | no  |
|         | Mailpile        | –      | no   | no   | no  |


- = Encryption not supported
no = Not vulnerable
yes = Vulnerable
user = Vulnerable after user consent

-MDC = with stripped MDC, +MDC = with wrong MDC, SE = SE packets

My conclusion is that S/MIME is vulnerable in most clients with the
exception of The Bat!, Kmail, Claws, Mutt and Horde IMP. I take the
requirement for a user consent as non-vulnerable. Most of the
non-vulnerable clients use GnuPG as their engine.

For OpenPGP I see lots of no and only a few vulnerable clients: Support
for Outlook 2007 has long been dropped and Gpg4win/GpgOL gives a big
warning when you try to use it with OL2007. All other Outlook versions
are not vulnerable. The case for Thunderbird/Enigmail is not that clear
because the researcher confirmed that Enigmail 2.0 is in general not
vulnerable; we don't know which version of Enigmail was tested. I don't
know Postbox, Apple mailers or Horde IMP.
--8<---------------cut here---------------end--------------->8---


--
# Please read: Daniel Ellsberg - The Doomsday Machine #
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
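The -MDC and SE columns of the table rest on a distinction that can be read straight off the OpenPGP packet framing: a Symmetrically Encrypted Data packet (tag 9, "SE") carries no integrity protection, while a Sym. Encrypted and Integrity Protected Data packet (tag 18, "SEIPD") ends in an MDC. What follows is an added example, not code from Werner's mail, from GnuPG, or from the EFAIL authors: a small RFC 4880 packet-header parser run over two constructed messages, reporting which container each uses. The packet bodies are dummy bytes (assumption: no real session key or ciphertext is needed to classify the framing), and partial body lengths are deliberately not handled.

```python
"""Added example (not from the original mail or GnuPG): classify the
encrypted container of an OpenPGP message by its RFC 4880 packet framing."""
from dataclasses import dataclass
from typing import List, Tuple

TAG_NAMES = {
    1: "Public-Key Encrypted Session Key",
    9: "Symmetrically Encrypted Data (SE: no integrity protection)",
    11: "Literal Data",
    18: "Sym. Encrypted and Integrity Protected Data (SEIPD: MDC inside)",
    19: "Modification Detection Code",
}


@dataclass
class Packet:
    tag: int
    body: bytes
    new_format: bool


def _new_format_length(data: bytes, pos: int) -> Tuple[int, int]:
    """RFC 4880 section 4.2.2 length octets; returns (length, next_pos)."""
    first = data[pos]
    if first < 192:
        return first, pos + 1
    if first < 224:
        return ((first - 192) << 8) + data[pos + 1] + 192, pos + 2
    if first == 255:
        return int.from_bytes(data[pos + 1:pos + 5], "big"), pos + 5
    raise ValueError("partial body lengths (224..254) not handled here")


def parse_packets(data: bytes) -> List[Packet]:
    """Split a binary OpenPGP message into its top-level packets."""
    packets: List[Packet] = []
    pos = 0
    while pos < len(data):
        hdr = data[pos]
        if not hdr & 0x80:
            raise ValueError(f"not a packet header at offset {pos}")
        pos += 1
        if hdr & 0x40:                      # new-format header: tag in low 6 bits
            tag = hdr & 0x3F
            length, pos = _new_format_length(data, pos)
            new = True
        else:                               # old-format header: tag in bits 2..5
            tag = (hdr >> 2) & 0x0F
            ltype = hdr & 0x03
            if ltype == 3:                  # indeterminate length: runs to end
                length = len(data) - pos
            else:
                n = (1, 2, 4)[ltype]
                length = int.from_bytes(data[pos:pos + n], "big")
                pos += n
            new = False
        body = data[pos:pos + length]
        if len(body) != length:
            raise ValueError(f"truncated packet (tag {tag}) at offset {pos}")
        packets.append(Packet(tag, body, new))
        pos += length
    return packets


def integrity_status(data: bytes) -> str:
    """'seipd' for an MDC-protected container, 'se' for the legacy
    unprotected one, 'none' if the message holds no encrypted container."""
    tags = {p.tag for p in parse_packets(data)}
    if 18 in tags:
        return "seipd"
    if 9 in tags:
        return "se"
    return "none"


def build_packet(tag: int, body: bytes, new_format: bool = True) -> bytes:
    """Frame a body as one packet; used only to construct the samples."""
    if new_format:
        n = len(body)
        if n < 192:
            length = bytes([n])
        elif n < 8384:
            length = bytes([((n - 192) >> 8) + 192, (n - 192) & 0xFF])
        else:
            length = b"\xff" + n.to_bytes(4, "big")
        return bytes([0xC0 | tag]) + length + body
    assert tag < 16 and len(body) < 256     # old format, one-octet length
    return bytes([0x80 | (tag << 2)]) + bytes([len(body)]) + body


# Constructed samples: a dummy session-key packet and dummy "ciphertext".
_PKESK = bytes([3]) + bytes(8) + bytes([1]) + b"\x00\x08\x42"
_CT = bytes(range(40))
SAMPLE_SEIPD = build_packet(1, _PKESK) + build_packet(18, b"\x01" + _CT)
SAMPLE_SE = build_packet(1, _PKESK) + build_packet(9, _CT[:30], new_format=False)

if __name__ == "__main__":
    for name, msg in (("SEIPD", SAMPLE_SEIPD), ("SE", SAMPLE_SE)):
        print(name, "->", integrity_status(msg))
        for p in parse_packets(msg):
            print(f"    tag {p.tag:2d}, {len(p.body)} bytes:",
                  TAG_NAMES.get(p.tag, "other"))
```

This only covers the SE column and the stripped-MDC case, because those are visible in the framing before decryption (GnuPG's "message was not integrity protected" warning is the same observation). A wrong MDC (the +MDC column) can only be detected after decryption, since the MDC packet sits inside the SEIPD ciphertext; the check a client must perform there is to discard the plaintext entirely when the engine reports an MDC failure, instead of rendering whatever was decrypted.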

Join CII-badges@lists.coreinfrastructure.org to automatically receive all group messages.