Digital Podcast

Episode 368: EFail Explained


Join Now to Share


TechSNAP show

Summary: <p>The EFail hype-train has hit hypersonic speed, we’ll tap the breaks and explain who disclosed it, what it is, what it’s not, our recommendations, and early reactions.</p> <p>Plus things to consider when deciding on-premises vs a cloud deployment, and the all business gadget from 1971 that kicked off the consumer electronics revolution. </p><p>Links:</p><ul> <li> <a title="The HP-35" rel="nofollow" href="http://codex99.com/design/the-hp35.html">The HP-35</a> — Consumer Electronics, an Origin Story</li> <li><a title="The people cost of building out a Kubernetes cluster on-prem | Operos" rel="nofollow" href="https://www.paxautoma.com/blog/2018/02/28/the-people-cost-of-building-out-kubernetes-cluster-on-prem.html">The people cost of building out a Kubernetes cluster on-prem | Operos</a></li> <li> <a title="EFAIL" rel="nofollow" href="https://efail.de/">EFAIL</a> — EFAIL describes vulnerabilities in the end-to-end encryption technologies OpenPGP and S/MIME that leak the plaintext of encrypted emails. </li> <li><a title="efail-attack-paper.pdf" rel="nofollow" href="https://efail.de/efail-attack-paper.pdf">efail-attack-paper.pdf</a></li> <li><a title="GnuPG Efail press release Response " rel="nofollow" href="https://lists.gnupg.org/pipermail/gnupg-users/2018-May/060334.html">GnuPG Efail press release Response </a></li> <li> <a title="No, PGP is not broken, not even with the Efail vulnerabilities - ProtonMail Blog" rel="nofollow" href="https://protonmail.com/blog/pgp-vulnerability-efail/">No, PGP is not broken, not even with the Efail vulnerabilities - ProtonMail Blog</a> — Recently, news broke about potential vulnerabilities in PGP, dubbed Efail. However, despite reports to the contrary, PGP is not actually broken, as we will explain in this post.</li> <li><a title="Eric's War Story is VERY Familiar" rel="nofollow" href="https://pastebin.com/509aJ1PN">Eric's War Story is VERY Familiar</a></li> <li><a title="When it rains it pours for Steve" rel="nofollow" href="https://pastebin.com/cMiJQANX">When it rains it pours for Steve</a></li> <li><a title="Critical Cisco WebEx Bug Allows Remote Code Execution " rel="nofollow" href="https://threatpost.com/critical-cisco-webex-bug-allows-remote-code-execution/131657/?utm_campaign=Security%2BNewsletter&amp;utm_source=Security_Newsletter_co_76">Critical Cisco WebEx Bug Allows Remote Code Execution </a></li> <li><a title="Cisco WebEx and 3rd Party Support Utilities" rel="nofollow" href="https://collaborationhelp.cisco.com/article/en-us/WBX000026396">Cisco WebEx and 3rd Party Support Utilities</a></li> </ul>