"Current notices about Posteo: News, developments, background information and media appearances."


Posteo users safe from Logjam attack

Created at 22.May 2015, 16:00 | Category: Blog

Dear Posteo users,

For the last couple of days a so-called Logjam security flaw has been reported in the media. This was discovered by US scientists and can provide attackers with access to individual encrypted connections, which, for example, are used for secure access to websites, email traffic and online banking.

We wish to inform that as a user accessing Posteo, you are not affected by Logjam: our team observes developments in cryptography and security very intently and we always employ the newest encryption technologies. This means that when you access Posteo via your browser or a local email program, you are not vulnerable to Logjam as we do not offer the target over which this attack occurs.

In your communications with other email providers, please be aware that for the moment, not all of them have secured their systems against Logjam.

Meantime, independent server test websites have extended their tests to include Logjam. You can confirm that Posteo is not affected by Logjam on these independent sites: on the Qualys test site we still obtain the best mark of A+ for web access, for example. Any vulnerability leads to a lower score.

Independent of Posteo, your browsers as well as local programs could still be vulnerable when using other services. In the coming days, please pay special attention as to whether updates are offered for your browser (e.g. Firefox, Safari or Chrome) or programs. You should install these important updates in order to increase the security of your online activities in this regard. In terms of security when accessing Posteo, no updates are necessary on your part.

Best regards,

The Posteo team