Skip to main content
  1. Home
  2. Computing
  3. News

Apple Mail on MacOS flaw leaves supposedly encrypted messages unprotected

By

A vulnerability that was discovered on the macOS version of Apple Mail is compromising the security of supposedly encrypted messages, but Apple said a fix is on the way.

Recommended Videos

The flaw, which was shared by Apple-focused IT specialist Bob Gendler, was found on the four most recent MacOS releases, namely Catalina, Mojave, High Sierra, and Sierra. He found macOS database files that include information from Apple Mail, which is then utilized by digital assistant Siri to make suggestions. Unfortunately, one of the files, named snippets.db, is storing the unencrypted text of the emails.

Related

Only a small number of people are affected by the issue. The user needs to be sending encrypted emails from Apple Mail on macOS Sierra to macOS Catalina, with FileVault not activated to encrypt the entire system. The person who wants to read the unencrypted emails will also need to know exactly where the information is stored in the computer’s system files and will need to have access to it.

However, for the affected users, the risk is massive. Encrypted emails are protected for a reason, such as to keep confidential information safe, so any chance that they may be compromised is a big deal.

“It brings up the question of what else is tracked and potentially improperly stored without you realizing it,” Gendler said.

Apple is aware of the issue and said that a fix is on the way through a future software update. Gendler, however, noted that he reported the issue on July 29, but Apple did not respond until November 5.

While waiting for the flaw to be patched, a suggested workaround is to disable the Learn from this App option under the Mail option of the Siri Suggestions & Privacy menu, which is found in Siri’s section in System Preferences. This is just a temporary solution though, as it only stops new emails from being included in the compromised snippets.db file.

The encryption vulnerability follows another issue with macOS Catalina’s Apple Mail app, specifically missing or incomplete messages after upgrading to the latest macOS release, as well as messages going blank after moving them between mailboxes. Similar problems also appeared after upgrading iPhones to iOS 13.

Editors’ Recommendations

Topics
Aaron Mamiit
Aaron Mamiit
Contributor
Aaron received an NES and a copy of Super Mario Bros. for Christmas when he was four years old, and he has been fascinated…
I finally tried Apple Intelligence in macOS Sequoia to see if it lived up to the hype
The redeisgned Siri user interface in macOS Sequoia.

For the last few years, Apple’s macOS releases have been interesting, if not particularly exciting. But that’s all set to change this year with the launch of macOS Sequoia, and it’s all thanks to one feature: Apple Intelligence.

Apple’s artificial intelligence (AI) platform has the potential to completely change how you use your Mac on a daily basis. From generating images, rewriting emails, and summarizing your audio recordings to revamping Siri into a much more capable virtual assistant, Apple Intelligence could be the most significant new macOS feature in years.

Read more
You can finally try out Apple Intelligence on your Mac. Here’s how
macOS Sequoia being introduced by Apple's Craig Federighi at the Worldwide Developers Conference (WWDC) 2024.

The second developer beta of macOS Sequoia is open for business and it includes Apple Intelligence features. It looks like anyone can try it out as long as you're not in China. That includes people in the EU -- even though the AI features might not launch there right away. The features available for testing include Writing Tools, Siri, Safari and Mail summaries, Smart Replies, Memory Movies, transcription features, Reduce Interruptions Focus Mode, and a few more. If you want to have a look yourself, here's everything you need to do to download the beta and activate Apple Intelligence.

Before you start, make sure you've backed up your Mac with Time Machine so you can restore the previous version if anything goes wrong. You can also use a secondary device if you have another Apple silicon Mac lying around because beta versions can go wrong and you have to download them at your own risk.

Read more
I’m a Mac power user, and these are the apps I can’t live without
A person using a MacBook Air connected to two monitors.

The best Macs have a reputation for being easy to use, and as someone who switches between Windows and macOS every day, I can confirm that that reputation is well-earned. But macOS isn’t just a straightforward, easy-peasy system with about as much depth as a puddle -- it’s also a brilliant platform for power users.

A lot of that comes down to the thriving ecosystem of apps that are available on macOS. Load up your Apple computer with a few choice selections and you’ll be able to get so much more out of it than you ever thought possible, from automating tedious processes to making clever use of AI and everything in between.

Read more