Messages

"Current notices about Posteo: News, developments, background information and media appearances."

Blog and Media

Categories:

  • Blog
  • Press
  • Info

Update: Information about "Efail" reports

Created on 14. May 2018, 18:40 | Category: Blog

Update on May 15, 15:30:

We have an update for all users of Mailvelope:
The open source encryption plug-in Mailvelope is not affected by the critical Efail vulnerabilities and can continue to be used. Mailvelope communicated this information earlier this afternoon. With Mailvelope, PGP can be used in Posteo’s webmailer. We are in contact with the Mailvelope developer, Thomas Oberndörfer.
Nevertheless, he announced that they will improve the plug-in’s handling of HTML emails in regards to privacy for example by making the loading of external content such as images optional.
He recommends that users update to today’s release (Version 2.2.2) as minor problems have been fixed.

May 14, 18:40:

Dear Posteo users,

Today, the media has reported vulnerabilities within the end-to-end encryption standards, PGP and S/MIME.

We only became aware of the investigation today. Because of this, we cannot make any final assessments about the publication yet. We’re currently examining the document for you and are getting assessments from security experts. Furthermore, we have made contact with developers from current encryption software.

We’d like to respond to some questions we’ve received and also provide some initial tips for users of PGP and S/MIME. We will update this blog entry with any news.

Summary:
1.) If you do not use end-to-end encryption with PGP or S/MIME then you are not affected by this issue.
2.) If you use PGP or S/MIME, disable HTML rendering and external content from being loaded. (We’ve provided instructions on how to do this at the end of this blog entry)
3.) All participants of an encrypted communication must take the measures described in point 2.) of this summary.

Is email encryption unsafe now?

No, as a generalisation this is not correct as there is no “singular” form of email encryption. In general, emails nowadays are simultaneously secured through various security and encryption technologies. For example, end-to-end encryption does not protect the entire email communication even if many people believe it does. It only protects the content data.
The email’s metadata and subject are protected by the providers’ transport route encryption.

In reality, the security of an email correspondence depends on the combination of various technologies. When one encryption technology is viewed separately, it doesn’t say much about the actual security of a specific email communication in practice.

Attacks are only possible under strict conditions

The creators of this investigation presume in their scenario that an attacker already has access to an encrypted communication. However, nowadays email providers utilise security technologies that effectively prevent man-in-the-middle attacks and unauthorised access to encrypted communication.

The German Federal Office for Information Security (BSI) also describes the conditions for an attack (German text):
“An attacker has to have access to the transport route, the mail server or the email account of the recipient to exploit the vulnerabilities.”

The fact is that providers today are constantly improving secure transport routes, mail servers and accounts. We always utilise state of the art technology. Users should also secure their end devices as well.
Here’s an example of how we secure transport routes. In 2014, we were the first provider to implement the innovative technology DANE that eliminates the current vulnerabilities in transport route encryption (TLS). A combination of end-to-end encryption with a DANE-based transport route encryption results in a very high level of protection.
Tip: In Posteo’s webmailer you are notified before sending an encrypted email whether it will be protected with DANE or not .

We protect email servers with numerous technologies and an infrastructure that particularly protects our internal network and customers’ mailboxes consistently from external access. You can protect your account with a strong password. We encrypt every access to your account with the latest technologies. You can achieve an even higher level of protection if you activate two-factor authentication with additional email account protection. By activating the TLS-sending guarantee, you prevent your emails from being transferred to another email server without transport route encryption.

The German Federal Office for Information Security (BSI) describes another condition for an attack:
“Additionally the recipient would have to allow active content, or in other words, the rendering of HTML code and in particular the loading of external content.”

Because of this, users of end-to-end encryption should immediately review and adjust their settings for loading HTML code and external content accordingly. This should avert any acute dangers.

Guide for disabling external content from being loaded or HTML rendering

Thunderbird:
Disable HTML rendering:
1. Click on the sandwich-button in the top right corner of Thunderbird.
2. Click on “View”.
3. Under “Message Body As” select the menu item “Plain Text”.
Disable external content:
1. Click on the sandwich-button in the top right corner of Thunder and open “Options” / “Preferences”.
2. Open the menu item “Privacy”.
3. Under the category “Mail Content”, remove the tickmark “Allow remote content in messages”.

Apple Mail:
1. From the menu bar click on “Mail” and open “Preferences”.
2. Open the menu item “Viewing”.
3. Remove the tickmark from “Load remote content in messages”.

iOS:
1. Open “Settings”.
2. Touch “Mail”.
3. In the category “Messages”, deactivate the switch next to “Load Remote Images”.

Outlook:
1. Click on “File” and on the side menu on “Options”.
2. Open the menu item “Trust Center” and click on “Trust Center Settings”.
3. Click on “Email Security”.
4. In the section “Read as Plain Text” place a tickmark next to “Read all standard mail in plain text” and also by “Read all digitally signed mail in plain text”.
5. Confirm the changes with a click on “Ok”.

Best Regards,
The Posteo Team

New security certificates

Created on 09. January 2018, 13:00 | Category: Info

Dear Posteo users,

In the coming days we will be updating our security certificates. Security certificates are only valid for a specified time period and need to be renewed from time to time. We will therefore be changing them by 22.01.2018. We continue to use certificates from Geotrust (Digicert) and the Bundesdruckerei (D-Trust).

In most cases you will not notice anything when the certificates are changed over. All programs such as Thunderbird or Outlook will find the new certificate automatically. You do not need to do anything. If your program displays a certificate error during the changeover process, please simply restart the program, which should overcome the error.

If you check the trustworthiness of certificates manually, you can find the fingerprints for the new certificates that we will shortly begin using, below. You can also find the fingerprints in our legal notice.

New fingerprints for TLS security certificates

Geotrust:
SHA256: FB:28:42:1E:23:AD:8A:23:8B:AB:C1:ED:FD:86:FD:F5:30:C6:D9:35:E0:E6:D8:91:CD:F3:77:66:05:C5:75:33
SHA1: AC:9D:4C:F6:36:78:FE:D6:EB:5C:CE:F9:DA:CB:69:CE:0A:93:F4:58
MD5: E9:B3:0A:C5:76:86:0C:FC:15:3D:43:D9:6E:CD:FC:CE

D-Trust:
SHA256: 09:63:1B:8C:35:CD:67:0E:AB:60:B3:63:1E:F3:42:DB:9F:43:5E:09:AD:09:A5:90:49:33:26:F2:FD:B4:D7:AA
SHA1: B6:B8:3C:59:23:22:33:07:88:9E:DD:B9:8D:2D:ED:6C:FA:32:E9:04
MD5: 5D:3F:4C:A3:72:7F:8B:3A:54:92:B4:C8:BC:D5:D9:B7

Best regards,

The Posteo team

New: Easy email encryption with Autocrypt and OpenPGP header

Created on 21. December 2017, 18:30 | Category: Info

Dear Posteo users,

Starting this week, we are now supporting the new encryption method Autocrypt, which will soon simplify real end-to-end encryption in email applications. Posteo customers will be able to use the technology as soon as email applications supporting Autocrypt are available.

The trendsetting method is being integrated into popular email applications such as Thunderbird with Enigmail and K-9 Mail for Android. New versions of these email applications (Enigmail 2.0 and K-9 Mail 5.3) will support Autocrypt.

When email senders and recipients are using email applications compatible with Autocrypt, they can use end-to-end encrypted communication with no additional effort: the email applications automatically encrypt emails with PGP prior to transmission while exchanging public keys automatically in the background. The manual exchange and management of keys – which users often perceive as complicated – is becoming superfluous: Prior to the first encrypted communication, a regular empty email (without content) is sent. With this, the key is transferred in the background. Henceforth, messages can be encrypted automatically.

Autocrypt is a free and open standard, works with all email providers and uses real end-to-end encryption with the private key always remaining with the user. That’s one of the reasons why we support the method.
#more#

Why we already support Autocrypt and protect keys additionally

A first version of Autocrypt is being integrated into popular email applications. The involvement of email providers in the key exchange has not been intended yet. The provider sided support generates benefits for the end user which we want to showcase with our early implementation.

It is very important to us that Posteo customers will be able to use Autocrypt from the very beginning – as comfortable and secure as possible.

Our contribution to comfort:
Thanks to Autocrypt, email applications can soon automatically exchange public keys within the email headers. Our provider sided support makes it possible for an Autocrypt compatible application to receive a public key even if the sender uses an email application without support for Autocrypt. If the sender’s public key is available to us, we will take over that task: Posteo adds the Autocrypt header prior to every email transmission. Your communication partner is able to reply encrypted – without a manual key exchange.

Your current public key is transmitted inside the Autocrypt header with every sent email. Therefore, there is always a copy of your current key available in the applications of your communication partner – without manual key management.

Our contribution to security:
We provide an additional layer of security with digital signatures (DKIM). For Autocrypt the use of DKIM has not been planned yet. Our provider sided DKIM-signature makes it impossible for a public key to be invisibly manipulated by a third party during transmission. An Autocrypt header attached by your local email application is signed with DKIM by Posteo. DKIM-signatures occur only when the sending address matches with the sending mailbox.

How Autocrypt is integrated into Posteo

Many Posteo customers have published their public PGP key in the Posteo key directory. If these customers send an email, we add the Autocrypt header into the email. This header contains your public key. If your email application adds an Autocrypt header by itself, this header will not be changed and no additional header will be added.

- Posteo customers who additonally activated the Posteo inbound encryption using their public PGP key want every incoming email to be encrypted. This information is added to the Autocrypt header as well. That way, email applications compatible with Autocrypt will know that a recipient at Posteo wants an encrypted reply.

- In addition to the new Autocrypt header we also add the so called OpenPGP header, which informs the receiving email client on where it can find the public key. With this, the URL for the download from the Posteo key directory will be transmitted. The OpenPGP-header will be signed with DKIM, too.

What can you do?

In day-to-day life, encrypted communication with Autocrypt will work without your involvement. The manual exchange and management of end-to-end encryption keys becomes superfluous. All you need is your personal PGP key pair.

- Install the upcoming major versions of Enigmail or K-9 Mail as soon as available.

- If you already own a personal PGP key pair for your Posteo email address, we recommend publishing your key in our Posteo public key directory. Then your public key will automatically be added to the header of every email you send. We explain how to publish your public PGP key at Posteo in this help article.

Security recommendations for implementing Autocrypt:
In our view, the automatic exchange of public keys in the background should always be accompanied by further security measures. We recommend other email providers to sign Autocrypt headers with DKIM. Application developers should consider further measures to secure the key and verify existing DKIM-signatures. Additionally, end users should be notified by their email applications if a public key is replaced with a new one or if a setting, that an email should be encrypted or not, is changed by an Autocrypt header. In this way, a possible manipulation by third parties can be detected.

Best regards,

The Posteo team

Security warning for Thunderbird users and Enigmail users: vulnerabilities threaten confidentiality of communication

Created on 21. December 2017, 15:40 | Category: Blog

Dear Posteo users,
dear Thunderbird users and interested parties,

We have a security notice for everyone who uses Thunderbird or the encryption add-on Enigmail.

It is our goal to make popular open-source solutions more secure. Hence, last autumn we entered into a cooperation with Mozilla’s SOS Fund to commission a security audit of Thunderbird with Enigmail. This was the first security audit for Enigmail ever.

The goal of the audit was to identify vulnerabilities in the tested software and to make the software safer consistently. The current audit showed multiple vulnerabilities. The developers of Enigmail have already fixed all the problems that were discovered. Some of the security issues have already been fixed in Thunderbird, as well – but most improvements will only be available with future versions of Thunderbird. In addition to these vulnerabilities, there is a problem within the architecture of the Thunderbird add-on system.

All Thunderbird users with all providers are affected, including Gmail, Outlook.com or Yahoo.

We are asking all Thunderbird and Enigmail users to carefully read our security recommendations in this article. If you follow our security recommendations, you will already communicate more securely.
#more#

24 days, 8 security researchers, 22 vulnerabilities

The thorough audit of Thunderbird and Enigmail in autumn 2017 was conducted by independent security researchers (Cure53). The audit was financed in equal parts by Posteo and the Mozilla SOS Fund. It took 24 days and a team of 8 researchers to carry out the project.
The test covered the fields “Incoming Emails with PGP Signature / PGP Encryption”, “Incoming html Emails”, “Key Generation & Crypto Setup”, “Calendar, RSS and other features with Rich-Text Usage” as well as “Default Settings”.

In total, 22 security relevant vulnerabilities have been discovered, of which 3 were classified as “critical” and 5 as “high”. The developers of Thunderbird and Enigmail were involved in the audit and were informed immediately after the security audit.

The security researchers summarize the conclusions in their report as follows:

“A detailed look at the implementations of both Thunderbird and Enigmail revealed a high prevalence of design flaws, security issues and bugs. (…) In short, secure communications may not be considered possible under the current design and setup of this compound.”

Among the critical issues regarding Enigmail was the fact that it was possible to fake signatures as well as identities. Furthermore, the encrypted communication of users can be intercepted by third parties and could be compromised further on under certain conditions.
The Enigmail developers have already fixed all identified vulnerabilities and provided a new Enigmail version (1.9.9). We would like to thank Enigmail for their work.
However, Enigmail relies on Thunderbird, which will receive many of the improvements only in future versions.

Thunderbird add-on architecture puts your data at risk

This spring, architectural vulnerabilities in Firefox were confirmed as part of a Posteo audit. We then presumed these architectural vulnerabilties could also be found in Thunderbird, which is confirmed by the current audit:

The add-on architecture of Thunderbird allows an attacker to obtain your email communication through compromised add-ons. The add-ons are insufficiently separated and have access to the user content in Thunderbird. This includes end-to-end encrypted communication: Even a user’s private PGP key can fall into the hands of an attacker. Here, even Enigmail cannot improve the situation. It is even possible for an attacker to use compromised Thunderbird add-ons to gain access to parts of your device and your sensitive data.

The report advises caution:

“Assuming that a vulnerable or rogue extension is installed, an attacker acquires multiple ways of getting access to private key material and other sensitive data. (…) Henceforth, users are asked to be aware that extensions in Thunderbird are as powerful as executables, which means that they should be treated with adequate caution and care.”

Firefox has rebuilt the architecture in the current version 57. For Thunderbird it is not foreseeable when the add-on architecture will be changed.

RSS feeds can act as spies

The audit discovered profound security problems in connection with RSS feeds, which are expected to be fixed entirely in Thunderbird version 59. Due to security reasons, the actual attack will not be described in this post. The use of RSS feeds in Thunderbird can endanger and reveal your entire communication and other sensitive data.

Please consider the following security recommendations:

For all Thunderbird users:

  • Update Thunderbird to the latest versions as soon as they are available. The new versions will remove several of the vulnerabilities that were revealed in this audit.
  • Use Thunderbird preferably without or at least with verified add-ons until the architecture of Thunderbird has been rebuilt.
  • Do not use RSS feeds in Thunderbird for now. There are critical security problems threatening your entire communication.
  • Do not accidentally install add-ons through phishing, since rogue add-ons can be used to attack you.

If you follow these security recommendations, your communication will be notedly more secure.

For Enigmail users:

  • Update Enigmail immediately to the new version 1.9.9. This update removes all vulnerabilities identified in this audit.
  • Update Thunderbird to the latest versions as soon as they are available. The new versions will remove several of the vulnerabilities that were revealed in this audit.
  • Do not install any other add-on except for Enigmail until the add-on architecture of Thunderbird has been rebuilt.
  • Do not use RSS feeds in Thunderbird for now. There are critical security problems threatening your entire communication.
  • Do not accidentally install add-ons through phishing, since rogue add-ons can be used to attack you.

If you follow these security recommendations, your communication is notedly more secure.

Audit report to be published after vulnerabilities have been fixed
Due to security considerations we will publish the report after all identified vulnerabilities have been fixed, since the report describes the researchers successful attacks in detail. However, the report was made available to the participating developers, Posteo and Mozilla.

Posteo supports open source software
Posteo supports open source software with transparent code for security reasons. We are convinced that transparent code is essential for the security and democratic control of the internet. At any time, independent experts can identify vulnerabilities and backdoors, making software more secure step-by-step. With intransparent code there is a need to trust each provider’s or developer’s security statements, which are not reviewable by the public. For us, this is not an option.

Open source projects need your support

- Donate to the Thunderbird project to support further development of Thunderbird: https://donate.mozilla.org/en/thunderbird/
- Donate to the Enigmail developers to support further development of Enigmail: https://www.enigmail.net/index.php/en/home/donations

After the audit: what the participants say

Enigmail developer Patrick Brunschwig extends his thanks:

“Enigmail is one of the most widely used tools for OpenPGP email encryption. Yet it took 16(!) years of development until the first security audit was performed. It was more than overdue, and I would like to thank Posteo for taking the initiative and co-financing an audit report together with the Mozilla Foundation. Not very surprising for such an old project, the audit report revealed a number of important issues that were addressed now.”

Mozilla regards the audit as a success:

“Mozilla’s Secure Open Source Fund, a MOSS program, provides code-read security audits for key pieces of open source software. We are very pleased to have been able to collaborate with Posteo to audit one of the main software combinations used for secure email, and are glad that users’ data is safer and more secure as a result.”

Dr. Mario Heiderich from Cure53 hopes for a reopening of the bug bounty program of Thunderbird:

“In closing, once all relevant issues reported here by Cure53 have been fixed, it should be strongly considered to re-establish a bug bounty program for Thunderbird. This approach would help keeping the security level at an acceptable level instead of allowing it to deteriorate and move towards a stale state of datedness.”

Patrik Löhr from Posteo asks for changes in the add-on architecture of Thunderbird:

“We want to make open source software and end-to-end encryption more secure: security audits are the best way to achieve this aim.
It is a success that all discovered vulnerabilities in Enigmail have already been resolved.
The add-on architecture in Thunderbird, on the other hand, requires more work to achieve an up-to-date secure setup. Thunderbird is an essential tool for many people who work with email and communicate with end-to-end encryption. Therefore, the effort pays off.”

Best regards,

The Posteo team

Transparency notice: Our donations for 2016

Created on 14. September 2017, 18:15 | Category: Blog

Dear Posteo users and interested parties,

In the name of transparency we have now updated our donation page, where we document the organisations that we financially supported during the previous year (2016).

It is important to us to encourage social engagement and to take responsibility as a company. We therefore support selected charitable organisations in the areas of environment and climate protection, internet politics and freedom of opinion, as well as refugee aid.

During last year, Posteo donated a total of 29.600,00 EUR. Of this, 28.002,00 EUR constituted voluntary donations by Posteo. The remaining 1.598,00 EUR came from users’ remaining credit. #more#

Compared to the year before we were able to increase our donations by 5,250.00 EUR for 2016.

As per the previous year, recipients of Posteo donations included Reporters Without Borders, UNO-Flüchtlingshilfe, Friends of the Earth Germany (BUND) and Netzpolitik.org.

A new addition is a German Red Cross project in the Amazon, where 1.3 million people are acutely threatened by the increase in extreme weather events due to climate change. The project sees houses set up on raised platforms with secure architecture. In addition, blankets and hygiene kits are distributed and a health service set up. The project sustainably contributes to ensuring the existence of people affected by climate change.

In addition, we support the European Centre for Constitutional and Human Rights (ECCHR) since 2016. The ECCHR lawyers’ aim is to hold state and non-state actors legally accountable for grave human rights abuses. Among others, the ECCHR was founded in 2007 by human rights lawyer Wolfgang Kaleck, who represented whistleblower Edward Snowden in Germany.

Posteo does business sustainably and is independent. Our service is financed by our customers’ account fees alone. There are no investors or advertising partners at Posteo.

You are therefore what makes our engagement possible – you make a difference, for which we thank you very much.

All recipients of Posteo donations can be found on our donations page.

Best regards,

The Posteo team