Proton

Edited May 25th, 2018 to remove the GPGTools recommendation due to the fact that Apple still has not patched certain Apple Mail vulnerabilities.

We are the developers of Enigmail(новое окно), Mailvelope(новое окно), Proton Mail, and the inventor of PGP(новое окно). Together, we have built a lot of the software that powers email encryption today. Last week, a group of security researchers released a paper(новое окно) that was then promoted by the Electronic Frontier Foundation(новое окно) (EFF) and received significant media coverage. The EFF and many news outlets proclaimed there are “serious vulnerabilities in PGP” and recommended that users disable PGP email encryption.

These statements are highly misleading and potentially dangerous. PGP is not broken. The vulnerabilities identified by eFail are not flaws with the OpenPGP protocol itself but rather flaws in certain implementations of PGP, including in Apple Mail and Mozilla Thunderbird. Many other commonly used software based upon PGP are not affected by the eFail vulnerability in any way, as the researchers themselves point out in their paper.

As an open standard, anybody can implement PGP, and it comes as no surprise that some implementations have security weaknesses.

However, this does not mean PGP itself is broken.

Our recommendation to PGP users

In light of the eFail vulnerability, we recommend that PGP users:

  • Use PGP implementations that are not impacted by eFail, or update their PGP software to the latest version.
  • Ensure that everyone you communicate with is also using unaffected implementations or has updated their PGP software. Be sure to get a verified confirmation from your contacts before sending sensitive information to them.

Among the commonly used software based on PGP, GnuPG, Mailvelope, and Proton Mail were never susceptible to eFail. Enigmail and GPGtools were vulnerable, and we recommend the following mitigations:

  • If you use Enigmail, upgrade to version 2.0.5, use only simple HTML or plain text viewing modes in Thunderbird, and update to the latest version of Thunderbird
  • If you use GPGTools with Apple Mail, switch to Enigmail and Thunderbird, or one of the other unimpacted implementations like Proton Mail or Mailvelope.

Why our recommendation is better than EFF’s recommendation

EFF recommended that users disable PGP plugins or stop using PGP altogether. This is akin to saying, “Some locks can be broken; therefore we must remove all doors.” This is particularly dangerous because it can put at risk individuals who rely on PGP encryption for security.

Both our recommendations and EFF’s recommendations require user action on the part of the sender and recipient of messages, but our recommendation provides better security. If you receive PGP email, following our recommendation protects you from eFail, while still allowing you to easily decrypt PGP messages. If you send PGP email, you need to inform your contacts to take appropriate action. If you give them EFFs recommendation, you may not be able to exchange encrypted messages with them. If you follow our recommendation, you can continue to use email encryption safely. It is that simple.

Using a secure PGP implementation will always be a better solution than not using encryption at all for email communication.

Concluding thoughts

Given that the OpenPGP protocol is still fundamentally secure, the recommendation publicized in the eFail announcements just does not make sense, especially considering that the vulnerabilities are so easy to mitigate.

Email is the world’s most widespread form of communication, and is an irreplaceable tool for many forms of communication. It is essential to improve the security of email, and PGP encryption plays a crucial role in this. As PGP developers, we are committed to keeping PGP users safe.

Signed,

Andy Yen, Founder, Proton(новое окно)
Phil Zimmermann(новое окно), Creator, PGP
Patrick Brunschwig, Founder, Enigmail(новое окно)
Thomas Oberndörfer, Founder, Mailvelope(новое окно)

You can also find additional technical statements from GnuPG(новое окно) and Proton Mail(новое окно).

Статьи по теме

The cover image for a Proton Pass blog comparing SAML and OAuth as protocols for business protection
en
SAML and OAuth help your workers access your network securely, but what's the difference? Here's what you need to know.
Proton Lifetime Fundraiser 7th edition
en
  • Новости Proton
Learn how to join our 2024 Lifetime Account Charity Fundraiser, your chance to win our most exclusive plan and fight for a better internet.
The cover image for a Proton Pass blog about zero trust security showing a dial marked 'zero trust' turned all the way to the right
en
  • Для бизнеса
Cybersecurity for businesses is harder than ever: find out how zero trust security can prevent data breaches within your business.
How to protect your inbox from an email extractor
en
  • Советы о конфиденциальности
Learn how an email extractor works, why your email address is valuable, how to protect your inbox, and what to do if your email address is exposed.
How to whitelist an email address and keep important messages in your inbox
en
  • Советы о конфиденциальности
Find out what email whitelisting is, why it’s useful, how to whitelist email addresses on different platforms, and how Proton Mail can help.
The cover image for Proton blog about cyberthreats businesses will face in 2025, showing a webpage, a mask, and an error message hanging on a fishing hook
en
  • Для бизнеса
Thousands of businesses of all sizes were impacted by cybercrime in 2024. Here are the top cybersecurity threats we expect companies to face in 2025—and how Proton Pass can protect your business.