Home > Free Software, Technology > Encryption bug in Apple Mail (… or feature?)

Encryption bug in Apple Mail (… or feature?)

November 15th, 2010 Leave a comment Go to comments

Hi Steve

When using s/mime encryption, which is nicely integrated in the users keychain, with IMAP configured accounts in mail.app, the app does not encrypt the mail and stores it (e.g. as draft) unencrypted on the server before it has been sent.

An attacker can either read the unencrypted mail, if he has access to the server (sysadmin), or in case the IMAP connection is unencrypted, read the unencrypted message on the nodes/routers.

Please fix this.

Take care & best, lx

  1. marco gfeller
    December 5th, 2010 at 22:31 | #1

    this is probably a feature ๐Ÿ˜‰
    furthermore it is impossible to read encrypted messages on an iphone ๐Ÿ˜‰

  1. No trackbacks yet.