2018-01-04 17:07 GMT+02:00 Patrick Brunschwig <[email protected]>:
> On 04.01.18 14:38, Lachezar Dobrev wrote:
>> 2018-01-03 19:04 GMT+02:00 Daniel Kahn Gillmor <[email protected]>:
>>> On Wed 2018-01-03 14:39:55 +0200, Lachezar Dobrev wrote:
>>>> Recently I've been greeted with a red warning every time I try to
>>>> reply to an encrypted message saying:
>>>>
>>>> "Beware of leaking sensitive information - partially encrypted email."
>>>>
>>>> With a Details button that shows a pop-up:
>>>>
>>>> """
>>>> The message you are editing was partially encrypted. That is, the
>>>> message contains unencrypted and encrypted parts. Some encrypted
>>>> message parts may even be invisible to you.
>>>>
>>>> If the sender was not able to decrpyt the message parts originally, it
>>>> is likely that you only got the email with some surrounding
>>>> unencrypted text in order to make you reveal the encrypted
>>>> information.
>>>> """
>>>> (the "decrpyt" is a spelling mistake as is)
>>>>
>>>> What does this actually mean, and why does it show on every message
>>>> I try to reply to?
>>>>
>>>> I have checked, and the mail is encrypted with the same two keys
>>>> that the reply is going to be encrypted with: one is mine, the other
>>>> is the one for the original sender.
>>>
>>> This is about CVE-2017-17844. The attack these warnings aim to mitigate
>>> against goes like this:
>>>
>>> * attacker gets a copy of an encrypted message X that had been sent to
>>>   you
>>>
>>> * attacker creates a new message Y to you, and embeds encrypted message
>>>   X somewhere in the tail of message Y (the long chain of quoted,
>>>   attributed text that everyone ignores because top-posting is somehow
>>>   the expected norm).
>>>
>>> * you receive message Y, and reply to it (composing a new e-mail to the
>>>   attacker).
>>>
>>> * without the warning, it's likely that enigmail will decrypt the
>>>   quoted message and place the cleartext in the new reply message.
>>>
>>>
>>> However, it sounds like you're seeing this warning trigger on every
>>> e-mail reply, which seems unlikely to be the intended situation.
>>>
>>> What do your inbound e-mails look like? how are they structured? are
>>> they PGP/MIME, or inline PGP? if they're inline PGP, is there a lot of
>>> text around the encrypted blob?
>>>
>>> --dkg
>>
>> Hm, that does make sense.
>> I made a test: sent myself a pair of PGP/MIME and a pair of
>> Inline-PGP messages (one with signature, another unsigned). Trying to
>> reply to the PGP/MIME message works as expected. Trying to reply to
>> the Inline-PGP was met with the "Beware..." warning. I also noticed
>> that most my peers are using Inline-PGP 'cause android...
>> I also noticed, that when cancelling the replies to the Inline-PGP
>> messages Thunderbird asks to save the draft even with no new content,
>> while cancelling the replies to the PGP/MIME message goes through. I
>> suspect it is due to the way Inline-PGP messages work (the content is
>> decrypted in-place).
>>
>> The Inline-PGP mail seems to be really blank:
>> """
>> To: obfuscated
>> From: obfuscated
>> Subject: Test
>> Message-ID: <obfuscated>
>> Date: Thu, 4 Jan 2018 15:15:55 +0200
>> User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101
>>  Thunderbird/52.5.0
>> MIME-Version: 1.0
>> Content-Type: text/plain; charset=utf-8
>> Content-Language: bg
>> Content-Transfer-Encoding: 8bit
>>
>> -----BEGIN PGP MESSAGE-----
>> Charset: utf-8
>>
>> hQIOAxxQ0nrmqQMHEAf7BkQcd2+kZmXLrDOkUPpHf41/P3cssK4aslN+yuMPEQg5
>> ... stripped 16 lines ...
>> cBrNYUYb
>> =cT46
>> -----END PGP MESSAGE-----
>> """
>>
>> If I understand correctly this is something I should get accustomed with.
>
> The question is, what is the text that is above and below the decrypted
> message. I try not to display the warning if the message was completely
> inline-PGP encrypted, but that's pretty hard to do in the message
> composition window (where the original message is no longer available).
>
> You could also ask your peers to install K-9 (plus OpenKeychain), or
> R2Mail2. Both can create and read PGP/MIME messages just fine.
>
> -Patrick
>
>
> _______________________________________________
> enigmail-users mailing list
> [email protected]
> To unsubscribe or make changes to your subscription click here:
> https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
>
Ahh! I think I saw something!
I have a signature configured in my Thunderbird Account. When
Thunderbird attaches it, it adds -- as separator, so the footer ends up
like:
"""
-- 
Lachezar Dobrev
etc. etc.
"""
When I disabled the signature responding to an Inline-PGP no longer
displays the warning.
Thunderbird manages -- signatures by removing them from the message
that is being replied to before quoting it and adding the new
signature below the quoted (and signature-stripped) original mail.
Does that make sense?

Steps to reproduce:
- Open account settings
- Put some text in the 'Signature Text'
- Send an encrypted mail to one's self
- Reply to the encrypted message
- Observe the warning.
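
Added example, not part of the original thread and not Enigmail's code: the distinction discussed above (a message that is completely inline-PGP encrypted versus one with text around the armored block), written as a check over a received text/plain body. The function names, the quote-stripping rule and the sample bodies are assumptions made for illustration.

```javascript
// Added example (hypothetical names, not Enigmail's implementation).
const BEGIN = "-----BEGIN PGP MESSAGE-----";
const END = "-----END PGP MESSAGE-----";

// Drop reply-quote markers ("> > ") so an armor block embedded in a quoted
// tail is still recognised; trailing whitespace is ignored for matching.
function unquote(line) {
  return line.replace(/^(\s*>)+\s?/, "").trimEnd();
}

// Returns { kind, blocks, outside }:
//   "none"    no armored block in the body
//   "full"    exactly one complete block and nothing but blank lines around it
//   "partial" anything else: text outside the block, several blocks, or an
//             unterminated block (all treated as worth a warning)
function classifyInlinePgp(body) {
  const outside = []; // non-blank lines that are not inside an armor block
  let blocks = 0;
  let inside = false;
  for (const raw of body.split(/\r?\n/)) {
    const line = unquote(raw);
    if (!inside && line === BEGIN) { inside = true; continue; }
    if (inside && line === END) { inside = false; blocks += 1; continue; }
    if (!inside && line.trim() !== "") outside.push(raw);
  }
  let kind = "partial";
  if (blocks === 0 && !inside) kind = "none";
  else if (blocks === 1 && !inside && outside.length === 0) kind = "full";
  return { kind, blocks, outside };
}

// Constructed sample bodies; the armor payload is a placeholder, not real data.
const armor = [BEGIN, "Charset: utf-8", "", "Y29uc3RydWN0ZWQ=", "=AAAA", END];
const fullBody = armor.join("\n") + "\n";
const withTrailer = fullBody + "-- \nExample Sender\n";
const quotedTail = ["Can you confirm the details below?", "",
  "> On some date, someone wrote:"]
  .concat(armor.map((l) => "> " + l)).join("\n");

for (const [name, body] of Object.entries({ fullBody, withTrailer, quotedTail })) {
  const r = classifyInlinePgp(body);
  console.log(name, r.kind, JSON.stringify(r.outside));
}
```

The `outside` array lists exactly which lines were not covered by encryption, which is what a warning dialog would need to show. The check runs on the received body; as Patrick notes above, the composition window no longer has the original message available.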
