Enigmail does not encrypt messages

OpenPGP addon for Mozilla Thunderbird

Brought to you by: pbrunschwig

#369 Enigmail does not encrypt messages

Status: wont-fix

Owner: nobody

Labels: None

Found in Version: 1.7.2

Severity: Minor

Thunderbird version: 31.2.0

GnuPG version: 1.4.16

Operating System: Linux

Fixed in version: ---

Cc: nobody

Updated: 2015-01-22

Created: 2014-12-03

Creator: orb_ter

Private: No

Enigmail does not follow rule on what to do with a message, not matter what I choose. For example, I created a message and selected force encryption and it did nothing after saving that message. If I go to settings and select "Encrypt draft messages on saving" then enigmail encrypt every message. Even if I select force not to encrypt. I have tried several combinations, even with new Thunderbird profile and reinstalling Enigmail, but no success. Even Enigmail wizzard does not work where I could chech settings.
I use Ubuntu 14.04 LTS 64 bit. Locale is Slovenian and I have encrypted home directory. I have seen some other programs having problems with encrypted home, so maybe there is a clue.

Discussion

Patrick Brunschwig - 2014-12-13

I cannot reproduce this. Please attach a debug log file (see https://www.enigmail.net/support/bugs.php, section "Execution Trace").

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

orb_ter - 2015-01-22

Sorry, for taking so long since I haven't noticed there was any reply.
Attached is a debug file with defaults not to encrypt draft messages. Even if I choose to force encryption, message is saved unencrypted. If I set defaults to encrypt drafts, then every saved message is encrypted even if I select not to encrypt.

enigdbug.txt

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Patrick Brunschwig - 2015-01-22

Yes, that's the expected behavior in Enigmail v1.7.2 (and future versions). The encryption of the draft depends only on the setting in the account preferences, and not on the encryption status in the message composer.

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Patrick Brunschwig - 2015-01-22

status: open --> wont-fix
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

orb_ter - 2015-01-22

So I can't have only some messages encrypted containing sensitive information?

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Patrick Brunschwig - 2015-01-22

Correct.

That's actually a security measure. If you only encrypt messages containing sensitive data, then attackers know where to search for sensitive data. If you encrypt all messages, then sensitive data could be anywhere.

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

orb_ter - 2015-01-22

I see. Thanks for clarification. Workaround would be to send those messages encrypted to myself.

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Daniel Kahn Gillmor - 2015-01-22

This decision by enigmail to encrypt drafts at a per account basis is also a security feature in another sense: It's easy to write a message, and then half-way through decide that it needs to be encrypted (either by changing the recipient list, or by forcing encryption).

If your drafts have been saved in the clear up until then, you have leaked the content to whoever maintains your drafts folder.

setting the drafts-encrypted policy on a per-account basis is a sensible approach to ensure nothing sensitive gets leaked.

Either you are willing to trust the provider of your drafts folder with the contents of your messages, or you are not.

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Log in to post a comment.