A new project from the EFF offers a quick path to a more secure email ecosystem.
A bug from the 1990s allows attackers to spoof signatures on some encrypted emails in GnuPG and other tools.
A group of lawmakers from both parties have introduced a new bill in the House of Representatives that would stop states and local governments from passing laws governing encryption. This will prevent states from passing their own laws before the federal government figures out what to do.
Google Chrome will mark all HTTP pages as not secure in the coming months, a major milestone in the overdue death of plaintext connections.
The Efail attacks on encrypted email clients implementing OpenPGP or S/MIME are serious, but there are mitigations and defenses available for users.