>Due to broken MIME parsers a bunch of MUAs seem to concatenate decrypted HTML MIME parts, which makes it easy to plant such HTML snippets.
To me this sounds strictly like a MUA issue, not a PGP/SMIME one. If that's really all it is it does seem massively overblown to me. Why not single out the broken MUA implementations instead of saying "don't decrypt emails OR YOU'LL DIE"? I mean just look at the wild speculation in this thread, nobody understood what was going on or even what was really vulnerable and what wasn't. Given the alarmist tone and the claims of "no workaround available" I was personally expecting a deep conceptual flaw in PGP/SMIME themselves. Terrible communication IMO. The parent email in the GnuPG thread seems to agree: https://lists.gnupg.org/pipermail/gnupg-users/2018-May/06031...
Sounds like this has been handled absolutely terribly both by the original researchers and EFF. The researcher then trying to shush the directly affected GPG developers on Twitter, evidently just for the sake of a stupid no-prior-publication bullshit for their paper, just adds to it.
I dunno, a client issue like this seems pretty terrible to me since there is no obvious (to me) way to fix it. If I am encrypting a message, I have no control over what client decrypts it (and whether that client unwittingly passes the information along) without maybe changing the standard completely.
The thing is, if I am reading correctly, it seems like this kind of vulnerability seems totally predictable.
I agree, after getting the details it's fair to say that while some MUAs should fix their handling of encrypted emails, PGP implementations and the S/MIME standard share a part of the blame by not detecting and preventing the decoding of tampered documents. Still, the way the problem was disclosed is rather misleading and confusing.
Oh, I thought you were making the "email should only be text" argument, not the "you should avoid looking at the non-text part of multipart email" argument. I was addressing the former.
We'll know for sure tomorrow I suppose.