![]() ![]() To avoid having their OpenPGP keys exposed, Thunderbird users should update their email client to version 78.10.2 which protects against the bug. However, after the rewrite, the keys were protected using the client's automatic OpenPGP password before being copied to to the permanent storage area.Įngert and the reviewer assumed that the protection to the secret key would be preserved when copying it to the other storage area but this turned out to not be the case which led to users' OpenPGP keys being stored in plain text. Before the code rewrite, the email client would copy a key to the permanent storage area and then protect it using Thunderbird's automatic OpenPGP password. If entered correctly, the symmetric key will be unlocked and remembered for the remainder of the session, and any protected secrets can be unlocked as needed.”Įngert also explained that Thunderbird's key-handling processes had been rewritten in order to maintain their security and this is when the vulnerability was introduced. Learn about the latest gadgets and consumer tech products for entertainment, gaming. “As soon as the user has configured a master password, the first time any of the stored secrets is required by Firefox/Thunderbird, the user will be prompted to enter it. Find the latest technology news and expert tech product reviews. Figure 3: Configure your own mail filters. Figure 2: Changing the format of the date columns requires a hack. I've always liked it much better for managing email than Microsoft Outlook, though Outlook has some task/calendar features that Thunderbird lacked up until recently (and maybe still does partially). export LCTIMEenDK.UTF-8 & seamonkey -mail. ago Sure, I've used it for nearly 20 years. I use this trick in the launcher command to fx it. In a new report from The Register, the news outlet spoke with security software developer Kai Engert at the Mozilla Thunderbird Project who explained how master passwords are used by Firefox and Thunderbird to access stored secrets, saying: Currently, Thunderbird and SeaMonkey do not provide an easy way to customise the date columns. Version 78.10.2 will restore the protection mechanism for newly imported keys, and will automatically protect keys that had been imported using affected Thunderbird versions.” OpenPGP keys The master password protection was inactive for those keys. Mozilla has released the improved version of Thunderbird as Thunderbird 3 which is having lot many new features and a cool look. Thunderbird 52.9.0 is a security update first and foremost which makes it a recommended update for all users of the email client. ![]() “OpenPGP secret keys that were imported using Thunderbird version 78.8.1 up to version 78.10.1 were stored unencrypted on the user's local disk. Updated Email, Thunderbird 8 Listen to article The Thunderbird team has released a new version of the open source cross-platform email client. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |