The encryption of e-mails today is largely self-evident and is done automatically by many tools. After all, security is a big issue, especially in business e-mails. But nothing is 100 percent secure – neither PGP and S / MIME. In these encryption technologies serious security holes were now found. The EFF (Electronic Frontier Foundation) even recommends deactivating e-mail encryption until the problem is resolved.
As the EFF stated in a blog post, a group of European security researchers have found the security flaw that threatens the security of e-mail communication. It is assumed that the content can be accessed via the vulnerability – and that of course invites hackers to abuse. Details on the vulnerability are yet to be published. Until the problem is solved, however, it is not recommended to use S / MIME or PGP encryption. Where possible, the feature should be disabled.
This problem shows once again that nothing is really safe. Vulnerabilities can arise everywhere and encryption is not infallible. Nevertheless, it is of course right and important to use such technologies in business e-mail traffic. Although the current vulnerability may cause some doubt, it is the best possible protection against abuse.