Yesterday the news made headlines under the hashtag #Efail – researchers from Münster published exploits for S/MIME and PGP encrypted emails. The NoSpamProxy team has reviewed these with regard to relevance for NoSpamProxy customers and published a press release today.
In this context, it is also important to understand that the encryption algorithms of S/MIME and PGP have not been broken, but the contents are decrypted on the computer where the private key required for decryption is located, but these contents are transmitted to the attacker by “tricks”.
After a request from WDR to us, we were able to arrange an interview with Peter Hansemann, the managing director of NoSpamProxy partner ICN in Dortmund.
Link to the video:
Peter Hansemann’s conclusion: even imperfect encryption is better than no encryption at all.