Skip to main content
Go to ssd.eff.org
 
A Project of the Electronic Frontier Foundation
Security Education Companion
A free resource for digital security educators

Security News

Security News is an archive of curated EFF Deeplinks posts for trainers, technologists, and educators who teach digital security.

Issues that we track here include: country-specific policy updates on security and privacy, updates on malware and vulnerabilities, discussions on encryption and privacy-protecting tools, updates on surveillance (corporate surveillance, street-level surveillance, and mass surveillance), device searches by law and border enforcement, tracking via devices, and general digital security tips.

All tags tutorial international security policy frontline communities corporations and user data adversary capabilities metadata digital security trainers ... phone security guide tracking borders PGP vulnerabilities social media security HTTPS cell-site simulators software updates cloud security phishing browser privacy wi-fi security biometrics automated license plate readers 2FA internet of things tor source code wiping data printer security cryptography passwords

Disabling PGP in Outlook with Gpg4win

by Soraya Okuda, Starchy Grant, and Bill Budington | May 14, 2018

Researchers have developed code exploiting several vulnerabilities in PGP (including GPG) for email. In response, EFF’s current recommendation is to disable PGP integration in email clients.

Disabling PGP decryption in Outlook requires running the Gpg4win installer again so that you can choose not to have the GpgOL plug-in on your system. Your existing keys will remain available on your machine.

Download and open the Gpg4win installer.

You’ll then see the Gpg4win...

Read More

Disabling PGP in Apple Mail with GPGTools

by Soraya Okuda, Starchy Grant, and Bill Budington | May 14, 2018

Researchers have developed code exploiting several vulnerabilities in PGP (including GPG) for email. In response, EFF’s current recommendation is to disable PGP integration in email clients.

Disabling PGP decryption in Apple Mail requires deleting a “bundle” file used by the application. Your existing keys will remain available on your machine.

1. First, click the Mail icon in the dock.  

2. Click “Mail” in the menu bar...

Read More

Disabling PGP in Thunderbird with Enigmail

by Starchy Grant, Soraya Okuda, and Bill Budington | May 14, 2018

Researchers have developed code exploiting several vulnerabilities in PGP (including GPG) for email. In response, EFF’s current recommendation is to disable PGP integration in email clients.

Disabling PGP decryption in Thunderbird only requires disabling the Enigmail add-on. Your existing keys will remain available on your machine.

First click on the Thunderbird hamburger menu (the three horizontal lines).

2. Select...

Read More

Attention PGP Users: New Vulnerabilities Require You To Take Action Now

by Danny O'Brien and Gennie Gebhart | May 14, 2018

UPDATE: Enigmail and GPG Tools have been patched for EFAIL. For more up-to-date information, please see EFF's Surveillance Self-Defense guides.

UPDATE (5/14/18): More information has been released. See EFF's more detailed explanation and analysis here.

A group of European security researchers have released a warning about a set of vulnerabilities affecting users of PGP and S/MIME. EFF has been in communication with the research team, and...

Read More
Close tooltip