On May 15 earlier this year, the Electronic Frontier Foundation announced that a team of researchers from two universities in Germany and one university in Belgium had uncovered Efail, a malicious method used to expose email messages in plain text.
What they didn’t mention is that the means that they describe to exfiltrate encrypted messages have been known since 1999.
To be vulnerable to an Efail attack, email clients must use PGP or S/MIME to encrypt messages. Among the affected email clients are Apple Mail with the GPGTools encryption plug-in, Mozilla Thunderbird with the Enigmail plug-in, and Outlook with the Gpg4win encryption package.
PGP or S/MIME are programs that add an additional layer of protection to emails. People who work in dangerous environments, such as journalists, political activists, and whistleblowers, use PGP or S/MIME to keep their messages from being intercepted and read.
Unfortunately, using these programs in conjunction with HTML-formatted email allows an attacker to exfiltrate the plaintext of intercepted messages. The attacker must first have obtained a copy of the victim's encrypted email. The message is modified and sent back to the victim, whose email client decrypts it; the HTML tags then cause the client to send the decrypted content back to the attacker in a request. This works even for emails that were sent in the past.
Of course, the paper has been controversial. Enigmail’s Robert J. Hansen called the warnings “a tempest in a teapot” and suggested that the public not panic. He encouraged people to use the latest version of Enigmail.
The developers of Enigmail, Mailvelope, ProtonMail, and the inventor of PGP issued an official statement about the Efail paper.
“The statements are highly misleading and potentially dangerous. PGP is not broken. The vulnerabilities identified by Efail are not flaws with the OpenPGP protocol itself but rather flaws in certain implementations of PGP, including in Apple Mail and Mozilla Thunderbird.”
In a teaching moment, Pedro Umbelino writes about the tracking pixel, a common data-gathering tool in the ad industry. Umbelino explains that tracking pixels are also used in HTML-formatted emails: a tiny image is inserted into a web page or email, and loading it causes the client to make a request to another server. The upshot is that the tracker can deliver a treasure trove of data about the user to whoever controls the tracking pixel.
This is essentially what is happening in Efail.
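The filter below is an added example, not code from the Efail paper, from Umbelino's post or from any of the mail clients named above. It shows the mitigation the researchers and Umbelino both point to, in working form: before an HTML mail body is rendered, every reference that would make the client contact another server (the channel a tracking pixel uses) is removed and recorded, while cid: and data: references that resolve inside the message are kept. The tag and attribute table, the treatment of inline CSS and the sample message are my own assumptions.

```python
from html import escape
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Attributes whose value the renderer fetches when the message is displayed (assumed list).
REMOTE_ATTRS = {"img": {"src", "srcset"}, "link": {"href"}, "script": {"src"}, "iframe": {"src"},
                "video": {"src", "poster"}, "audio": {"src"}, "body": {"background"}, "table": {"background"}}

def is_remote(url):
    # cid: and data: references resolve inside the message itself; everything else needs a request
    return urlsplit(url.strip()).scheme.lower() not in {"cid", "data"}

class RemoteContentFilter(HTMLParser):
    """Re-emit HTML with every remote-fetching attribute removed, recording what was blocked."""
    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.out, self.blocked, self._skip = [], [], None  # blocked: (tag, attr, value)
    def _attrs(self, tag, attrs):
        kept = []
        for name, value in attrs:
            if value is not None and ((name in REMOTE_ATTRS.get(tag, ()) and is_remote(value))
                                      or (name == "style" and "url(" in value.lower())):
                self.blocked.append((tag, name, value))  # inline CSS url() fetches too
            else:
                kept.append(f" {name}" if value is None else f' {name}="{escape(value)}"')
        return "".join(kept)
    def handle_starttag(self, tag, attrs):
        if tag in ("script", "style"):  # drop inline script/CSS whole: both can fetch
            self._skip = tag
        else:
            self.out.append(f"<{tag}{self._attrs(tag, attrs)}>")
    def handle_endtag(self, tag):
        if tag == self._skip:
            self._skip = None
        elif self._skip is None:
            self.out.append(f"</{tag}>")
    def handle_data(self, data):
        if self._skip is None:
            self.out.append(escape(data, quote=False))

def filter_remote_content(html_body):  # returns (filtered_html, blocked_references)
    f = RemoteContentFilter()
    f.feed(html_body)
    f.close()
    return "".join(f.out), f.blocked

# Constructed sample body: the inline cid: logo stays, the remote 1x1 pixel is blocked.
SAMPLE_BODY = ('<html><body><p>Report attached.</p><img src="cid:logo@example.invalid" alt="logo">'
               '<img src="https://tracker.example.invalid/pixel.gif?u=42" width="1" height="1"></body></html>')
```

The `blocked` list is what a client would surface as "remote content was blocked in this message", which is the same cue a user gets today from a mail client with remote content disabled.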
Efail | Preventative Measures
The researchers behind the Efail paper recommend four actions to prevent malicious attacks.
- Use a third-party application to decrypt your email messages.
- Disable HTML rendering.
- Be on the lookout for patches, which the authors believe will be forthcoming soon.
- Update the PGP and S/MIME standards.
Umbelino believes most of these actions throw the baby out with the bathwater. He recommends simply disabling HTML rendering, which he says takes care of the issue.
The PGP developers believe that the Efail mitigation suggestions are like saying: “‘Some locks can be broken; therefore we must remove all doors.’ This is particularly dangerous because it can put at risk individuals who rely on PGP encryption for security.”
Efail | Precautions
Instead, the PGP developers issued these precautions:
- Use PGP implementations that are not impacted by Efail, or update your PGP software to the latest version.
- Ensure that everyone you communicate with is also using unaffected implementations or has updated their PGP software. Be sure to get a verified confirmation from your contacts before sending sensitive information to them.
Among the commonly used software based on PGP, GnuPG, Mailvelope, and ProtonMail were never susceptible to Efail. Enigmail and GPGTools were vulnerable, and we recommend the following mitigations:
- If you use Enigmail, upgrade to version 2.0.5, use only simple HTML or plain text viewing modes in Thunderbird, and update to the latest version of Thunderbird.
- If you use GPGTools with Apple Mail, switch to Enigmail and Thunderbird, or one of the other unimpacted implementations like ProtonMail or Mailvelope.
The takeaway from the entire Efail issue seems to be that hackers will always try to find a way in; therefore, take security as seriously as if your license depends on it.