A change was made in Thunderbird 115.0 that rejects the use of the SHA-1 algorithm in digital signatures of S/MIME emails. Read more to learn about this important change, and how it might affect certain users.
We always want to keep our users informed and safe. In light of recent ransomware masquerading as Thunderbird, it’s the right time to review the list of trusted places you can download and install Thunderbird from.
Our journey to transform K-9 Mail to Thunderbird for Android involves more than just improving the user interface and adding new features. K-9 Mail is already an important part of the open source ecosystem on Android, and because it lays the foundation for the future of Thunderbird on Android, we believe it’s important to invest in the security health of the software.
In Thunderbird 102.7.0, we will be making some changes to the way we handle OAuth2 authorization with Microsoft accounts, and this may involve some extra work for users currently using Microsoft-hosted accounts through their employer or educational institution.
As you may know, Thunderbird offers email encryption and digital email signatures using the OpenPGP technology and uses Ribose’s RNP library that provides the underlying functionality. To strengthen the security of the OpenPGP implementation, a recent update of the RNP library had included changes to refuse the use of several unsafe algorithms, such as MD5 […]
Mailfence Encrypted Email Suite in Thunderbird Today, the Thunderbird team is happy to announce that we have partnered with Mailfence to offer their encrypted email service in Thunderbird’s account setup. To check this out, you click on “Get a new email address…” when you are setting up an account. We are excited that those using […]
Updating to Thunderbird 78 from 68 Soon the Thunderbird automatic update system will start to deliver the new Thunderbird 78 to current users of the previous release, Thunderbird 68. This blog post is intended to share with you details about our OpenPGP support in Thunderbird 78, and some details Enigmail add-on users should consider when […]
Today the Thunderbird project is happy to announce that for the future Thunderbird 78 release, planned for summer 2020, we will add built-in functionality for email encryption and digital signatures using the OpenPGP standard. This new functionality will replace the Enigmail add-on, which will continue to be supported until Thunderbird 68 end of life, in […]
During the last month we attended two events: FOSDEM, Europe’s premier free software event, and a meetup with the folks behind DeltaChat. At both events we met great people, had interesting conversations, and talked through potential future collaboration with Thunderbird. This post details some of our conversations and insights gather from those events. FOSDEM 2019 […]
Yesterday, researchers and the press shared information describing security vulnerabilities that would enable an attacker to gain access to the plaintext of encrypted Emails. To understand how this happens, the researchers who uncovered EFail provide a good description on their website: In a nutshell, EFAIL abuses active content of HTML emails, for example externally loaded […]
In the last few weeks, I’ve had several interesting conversations concerning email encryption. I’m also trying to develop some concept of what areas Thunderbird should view as our special emphases as we look forward. The question is, with our limited resources, should we strive to make better support of end-to-end email encryption a vital Thunderbird […]
