KIYC: Avoiding vulnerabilities while sending information over email

Strike another blow against online privacy.  A new cybersecurity report finds it’s no longer safe to send confidential information by encrypted email.
The report, from German and Belgian researchers, finds a serious vulnerability in the two most common email  encryption methods, PGP and S/MIME, that could be used to  decipher encrypted emails.  In the wake of that report, the Electronic Frontier Foundation and other privacy advocates are advising people to immediately disable email tools that automatically encrypt emails and use encrypted messaging apps such as Signal instead. Kane In Your Corner has been using Signal for years to communicate with confidential sources.
Cybersecurity expert Scott Schober tells Kane In your Corner it may be too late to correct some of the damage. He says hackers already have their hands on a treasure trove of encrypted emails obtained in past data breaches. He says if those are now decrypted, everything from confidential medical and financial records to government secrets would be at risk.
“In the past, they may have thought ‘well, this is encrypted’,” Schober says. “But it may be sitting on somebody’s hard drive right now. And they may go back and say ‘oh, I can decrypt this and now I have access to this confidential information’.”
Some privacy experts believe the new security flaw is being exaggerated, and that users can reduce the risk by using separate encryption software, rather than relying on build-in encryption. Others say until overall encryption standards are improved, people should assume there is no such thing as a secure email.