Thunderbird and Efail

Phillip Hallam-Baker phill at hallambaker.com
Wed May 16 14:19:07 UTC 2018


On Tue, May 15, 2018 at 8:59 PM, Ben Bucksch <ben.bucksch at beonex.com> wrote:

> Nomis101 🐝 wrote on 16.05.18 01:31:
>
> I assume the S/MIME implementation is affected from Efail? Is this a
> serious issue for all Thunderbird users who are relying on S/MIME (and
> sending HTML emails)?
>
> https://efail.de
>
>
> Yes.
>
> That said, the attack is an active MITM attack. The attacker needs to
> modify your emails. You can also detect it. So, it's a crude attack from an
> attacker's viewpoint.
>
> Good news is that it's simple to mitigate. Simply enable View | Message
> Body as | Simple HTML, and the attack will no longer work. This feature
> neutralizes the attack in 2 different ways. If security is important to
> you, you should enable that anyways, as it neutralizes whole classes of
> attacks.
>
> Ben
>

No. That is not the way to address a security issue.

Products have to ship in a secure state to be considered secure. If that is
the setting that is secure, that should be enforced in code.

There is no reason to ever split an HTML body across MIME boundaries and I
cannot believe any existing mail client does anything close. So the obvious
fix is to make it a requirement that the HTML be all in one MIME part.


The Thunderbird S/MIME implementation is utterly horrid. Configuring TBird
to use certs was a 20-minute process last time I cared to try. And none of
that is necessary.

There are current discussions on how to make S/MIME fit for use. I think it
very likely that we will see something like ACME emerge but for SMTP and
that there will be free certificate providers.
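
One way a mail client could enforce the rule proposed above, that the HTML be all in one MIME part, shown as an added example that is not part of the original message or of Thunderbird's code. The function names and sample messages are constructed for illustration, and the scanner is simplified (it does not understand comments or script bodies), so it errs toward rejecting a part.

```python
import email
from email import policy
from email.message import EmailMessage


def ends_inside_tag(html: str) -> bool:
    """True if the text stops inside an open tag or a quoted attribute value."""
    in_tag, quote = False, None
    for i, ch in enumerate(html):
        if not in_tag:
            # '<' starts markup only when a name, '/', '!' or '?' follows it.
            nxt = html[i + 1:i + 2]
            in_tag = ch == "<" and (nxt.isalpha() or nxt in ("/", "!", "?"))
        elif quote:
            if ch == quote:
                quote = None
        elif ch in "\"'":
            quote = ch
        elif ch == ">":
            in_tag = False
    return in_tag


def split_html_parts(raw: bytes) -> list[int]:
    """Indexes (msg.walk() order, 0 = container) of text/html parts cut mid-tag."""
    msg = email.message_from_bytes(raw, policy=policy.default)
    return [i for i, part in enumerate(msg.walk())
            if part.get_content_type() == "text/html"
            and ends_inside_tag(part.get_content())]


def build(parts) -> bytes:
    """Assemble a constructed multipart/mixed sample from (subtype, body) pairs."""
    msg = EmailMessage()
    msg["Subject"] = "constructed sample"
    msg.make_mixed()
    for subtype, body in parts:
        part = EmailMessage()
        part.set_content(body, subtype=subtype)
        msg.attach(part)
    return msg.as_bytes()


# Constructed inputs: SPLIT leaves an attribute open at the end of its first part.
SPLIT = build([("html", '<p title="'), ("plain", "placeholder body"),
               ("html", '">hello</p>')])
WHOLE = build([("html", '<p title="x">hello</p>'), ("plain", "placeholder body")])

if __name__ == "__main__":
    print("split:", split_html_parts(SPLIT), "whole:", split_html_parts(WHOLE))
```

A client applying this check would refuse to render a message for which `split_html_parts` returns anything, instead of concatenating adjacent parts into one HTML document.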