Failure to encrypt e-mail exposes messages; see how to protect yourself

A team of researchers has discovered a flaw that exposes emails from famous service users such as Apple Mail, Microsoft Outlook and Mozilla Thunderbird. The vulnerability, called EFAIL, is present in the PGP and S / MIME protocols, the two most commonly used to protect sensitive messages, especially in the middle business.

According to experts, hackers can exploit the loophole to read any messages encrypted with these technologies in recent years. The recommendation is to disable the function in PC or Mac applications and use safer communication alternatives, such as Signal.

How to sync to mobile without installing apps?

Vulnerability in encryption software can expose emails from Outlook, Thunderbird and Apple Mail users

In an interview with the BBC, F-Secure security expert Mikko Hypponen said the vulnerability could be used to decrypt a cache file of emails sent in the past if an attacker had access to that data. Previously, old e-mail files stored on enterprise servers would supposedly be protected by PGP or S / MIME protocols.

The failure occurs by scanning HTML images contained in PGP or S / MIME-protected emails. The attacker first needs to access encrypted e-mail by spying on network traffic and gaining access to backups on servers or personal computers. The problem is aggravated by the applicability of the coup in messages collected years ago.

With the discovery of the flaw, the trend is for hackers to launch attacks on servers worldwide to get emails sent over the past few years. One possibility is the search for secrets for use in extortion schemes. For now, the only way to minimize the problem is to abandon cryptography technologies and resort to alternative forms of network security. So, learn in the tutorials below how to disable the service in Apple, Thunderbird and Outlook emails.

How to Disable Encryption in Apple Mail

Step 1. First, make sure Mail is closed. Then open the Finder and go to the "Go> Go to Folder" menu.

Open the Finder Quick Menu on the Mac

Step 2. In the window that opens then enter in the bar the address "/ Library / Mail / Bundles" (without quotes). Then confirm the action in "Go".

Open the path of installed bundles to Mail

Step 3. In the "Bundles" folder, find and move the file called "GPGMail.mailbundles" to the trash.

Move the GPG bundle to the trash

How to disable encryption in Thunderbird

Step 1. Open Thunderbird and go to the add-ons option from the main menu in the three-line icon in the upper right corner.

Access the Thunderbird add-ons menu

Step 2. In the list of extensions, disable or remove the "Enigmail" add-on to prevent the use of the PGP protocol in your messages.

Disable the Enigmail extension

How to disable encryption in Outlook

Step 1. Download the GPG4 installer ( to Windows and start the wizard as if you would install the security mechanism for the first time.

Download the security protocol installer

Step 2. In the component selection window, uncheck the "GpgOL" option and leave the rest of the alternatives unchanged. Select "Next" and finish the installation to remove the PGP protocol previously installed in Outlook.

Uncheck Open GPG to remove Outlook protocol

Via Electronic Frontier Foundation and BBC

How to create email with your own free domain? Ask your questions in the Forum.