Jonkman Microblog
  • Login
Show Navigation

  • Public

    • Public
    • Network
    • Groups
    • Popular
    • People

Conversation

Notices

  1. Tinker ☀️ (tinker@infosec.exchange)'s status on Monday, 14-May-2018 14:10:53 EDT Tinker ☀️ Tinker ☀️

    So after a couple meetings and going through more of the links, including the GPG response, etc.

    My thoughts on the #efail vuln:

    1) The core requirement is that an attacker needs to get ahold of an encrypted email first. This is axiomatic. This is the thing that they need to decrypt.

    The attacker can do either by:
    a) Sniffing the encrypted email in transit
    b) Stealing the encrypted email at rest.

    In conversation Monday, 14-May-2018 14:10:53 EDT from infosec.exchange permalink
  • Help
  • About
  • FAQ
  • TOS
  • Privacy
  • Source
  • Version
  • Contact

Jonkman Microblog is a social network, courtesy of SOBAC Microcomputer Services. It runs on GNU social, version 1.2.0-beta5, available under the GNU Affero General Public License.

Creative Commons Attribution 3.0 All Jonkman Microblog content and data are available under the Creative Commons Attribution 3.0 license.

Switch to desktop site layout.