Mailvelope v0.6 is released today with a major redesign focusing on security. An audit done by Cure53 started end of December 2012 and evaluated Mailvelope’s security implementation and its security design aspects. In the course of two months we worked together with Cure53 on new concepts to prevent any form of leak of sensitive user data and at the same time do not degrade the user experience. The complete penetration report may be reviewed here.
Highlights of this new release include:
See also the security section in the documentation for more details.
We would like to thank the Open Technology Fund (RFA) for sponsoring the security audit. Without this funding the optimizations in the new release of Mailvelope would not have been possible. Thanks go also to Mario Heiderich and Krzysztof Kotowicz from Cure53 for their contributions.