Thunderbird and Efail
ben.bucksch at beonex.com
Wed May 16 00:59:40 UTC 2018
Nomis101 🐝 wrote on 16.05.18 01:31:
> I assume the S/MIME implementation is affected from Efail? Is this a
> serious issue for all Thunderbird users who are relying on S/MIME (and
> sending HTML emails)?
That said, the attack is an active MITM attack. The attacker needs to
modify your emails. You can also detect it. So, it's a crude attack from
an attacker's viewpoint.
Good news is that it's simple to mitigate. Simply enable View | Message
Body as | Simple HTML, and the attack will no longer work. This feature
neutralizes the attack in 2 different ways. If security is important to
you, you should enable that anyways, as it neutralizes whole classes of
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the tb-planning