so, pgp/gpg has a vulnerability? i thought it was a standard, not a specific piece of software. how can it have a vulnerability like that?
@Jo @devurandom It's about clients so far, so I expect it to get worse.
@Zero_Democracy @devurandom Don't we all. 😓
@Jo @devurandom Another day, another zero day.
@devurandom I think the standard itself has a flaw, so any client that's implemented the standard will contain this vulnerability. Though I may be wrong, we'll find out when more info drops 🙃
@devurandom I was wrong! See this Tweet: https://twitter.com/gnupg/status/995931083584757760?s=21
@kimmie ōōōōōōh... that sounds better, i guess?
@devurandom PGP was a program, around which the OpenPGP standard was created. GPG is the GNU implementation of OpenPGP.
@devurandom Not so sure it does... Just saw a link showing it's not gpg/pgp but the way s/mime is badly implemented in email... https://twitter.com/gnupg/status/995931083584757760
Linked from: @Sniperovitch
@devurandom The standard itself might have a flaw, I suspect.