How to News

Encrypted Emails On macOS: Fixed By Apply

Apple to Fix macOS Mail Vulnerability That Leaves Text of Some Encrypted Emails Readable
Written by Hassan Abbas

Fix macOS Mail Vulnerability: There’s a vulnerability within the macOS version of the Apple Mail app. It leaves a number of the text of encrypted emails unencrypted, consistent with a report from IT specialist Bob Gendler.

According to Gendler:

the snippets.db database file used by a macOS function. When Siri is disabled contact suggestions stores encrypted emails in an unencrypted format.

Gendler initially discovered the bug on July 29 and reported it to Apple. Apple said that it was looking into the issue, though no fix ever came. The vulnerability continues to exist in macOS Catalina and earlier versions of macOS dating back to the macOS Sierra.

Let me say that again… The snippets.db database are storing encrypted Apple Mail messages…

  • completely
  • totally
  • fully

Readable, even with ‌Siri‌ disabled, without requiring the private key. Most would assume that disabling ‌Siri‌ would stop macOS from collecting information on the user. This is a big deal.This is a big deal for governments, corporations and regular people. As would trade secrets and proprietary data.

Apple tells The Verge that it has been made aware of the issue and will address it in a future software update.

This issue affects a limited number of people in practice. It is not something that macOS users should generally worry about. As it requires customers to be using macOS and the Apple Mail app to send encrypted emails. It does not impact those who have FileVault turned on. And a person who wanted to access the information would also need to know where in Apple’s system files to look and have physical access to a machine.

Those who concern about this issue can prevent data from being collected in the snippets. Because, database by opening up System Preferences, choosing the ‌Siri‌ section, selecting ‌Siri‌ Suggestions & Privacy, choosing Mail and then turning off ” Learn from this App.” But This will stop new emails from being added to snippets.db but won’t remove those that have already been included.

Apple told The Verge that customers who want to avoid unencrypted snippets being read by other apps can avoid giving apps full disk access in ‌macOS Catalina‌. Turning on FileVault will also encrypt everything on the Mac.


For further queries and questions let us know in the comment section below!

Also Read: Guide How to Unsend a Message on Instagram on iOS

About the author

Hassan Abbas

Tech enthusiast with too many items on his wish-list and not nearly enough money! Specializing in all things tech, with a slight Apple bent he has been writing for various blogs for the best part of (too many) years

Leave a Comment