Not much to do with PGP. The flaw is with loading external content in HTML emails. This has always been a way to spy on readers. This is just one of the reasons I prefer text/plain for email.
Mutt doesn't have any of these issues. It handles multipart mime as intended. Not sure if it is affected by the fact that GPG only issues a warning instead of failing in case of a missing MDC. But despite that, it doesn't allow any spying.
Yeah I really don't like all the hyped up coverage about "OMG PGP encryption is broken!!1!" because it's misleading and people are probably still on the safer side using encryption.
Plus the attack vector is preeetty specific and would likely only concern some high profile individuals
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
Not much to do with PGP. The flaw is with loading external content in HTML emails. This has always been a way to spy on readers. This is just one of the reasons I prefer
text/plain
for email.Mutt doesn't have any of these issues. It handles multipart mime as intended. Not sure if it is affected by the fact that GPG only issues a warning instead of failing in case of a missing MDC. But despite that, it doesn't allow any spying.
Yeah I really don't like all the hyped up coverage about "OMG PGP encryption is broken!!1!" because it's misleading and people are probably still on the safer side using encryption.
Plus the attack vector is preeetty specific and would likely only concern some high profile individuals