- <!doctype html><!-- This is a valid HTML5 document. -->
- <!-- Screen readers, SEO, extensions and so on. -->
- <html lang=fr>
- <!-- Has to be within the first 1024 bytes, hence before the <title>
- See: https://www.w3.org/TR/2012/CR-html5-20121217/document-metadata.html#charset -->
- <meta charset=utf-8>
- <!-- Why no `X-UA-Compatible` meta: https://stackoverflow.com/a/6771584 -->
- <!-- The viewport meta is quite crowded and we are responsible for that.
- See: https://codepen.io/tigt/post/meta-viewport-for-2015 -->
- <meta name=viewport content="width=device-width,minimum-scale=1,initial-scale=1,shrink-to-fit=no">
- <!-- Required to make a valid HTML5 document. -->
- <title>Apple Mail Stores Encrypted Emails in Plain Text Database, fix included! (archive) — David Larlet</title>
- <!-- Generated from https://realfavicongenerator.net/ such a mess. -->
- <link rel="apple-touch-icon" sizes="180x180" href="/static/david/icons/apple-touch-icon.png">
- <link rel="icon" type="image/png" sizes="32x32" href="/static/david/icons/favicon-32x32.png">
- <link rel="icon" type="image/png" sizes="16x16" href="/static/david/icons/favicon-16x16.png">
- <link rel="manifest" href="/manifest.json">
- <link rel="mask-icon" href="/static/david/icons/safari-pinned-tab.svg" color="#5bbad5">
- <link rel="shortcut icon" href="/static/david/icons/favicon.ico">
- <meta name="apple-mobile-web-app-title" content="David Larlet">
- <meta name="application-name" content="David Larlet">
- <meta name="msapplication-TileColor" content="#da532c">
- <meta name="msapplication-config" content="/static/david/icons/browserconfig.xml">
- <meta name="theme-color" content="#f0f0ea">
- <!-- That good ol' feed, subscribe :p. -->
- <link rel=alternate type="application/atom+xml" title=Feed href="/david/log/">
-
- <meta name="robots" content="noindex, nofollow">
- <meta content="origin-when-cross-origin" name="referrer">
- <!-- Canonical URL for SEO purposes -->
- <link rel="canonical" href="https://medium.com/@boberito/apple-mail-stores-encrypted-emails-in-plain-text-database-fix-included-3c2369ce26d4">
-
- <style>
- /* http://meyerweb.com/eric/tools/css/reset/ */
- html, body, div, span,
- h1, h2, h3, h4, h5, h6, p, blockquote, pre,
- a, abbr, address, big, cite, code,
- del, dfn, em, img, ins,
- small, strike, strong, tt, var,
- dl, dt, dd, ol, ul, li,
- fieldset, form, label, legend,
- table, caption, tbody, tfoot, thead, tr, th, td,
- article, aside, canvas, details, embed,
- figure, figcaption, footer, header, hgroup,
- menu, nav, output, ruby, section, summary,
- time, mark, audio, video {
- margin: 0;
- padding: 0;
- border: 0;
- font-size: 100%;
- font: inherit;
- vertical-align: baseline;
- }
- /* HTML5 display-role reset for older browsers */
- article, aside, details, figcaption, figure,
- footer, header, hgroup, menu, nav, section { display: block; }
- body { line-height: 1; }
- blockquote, q { quotes: none; }
- blockquote:before, blockquote:after,
- q:before, q:after {
- content: '';
- content: none;
- }
- table {
- border-collapse: collapse;
- border-spacing: 0;
- }
-
- /* http://practicaltypography.com/equity.html */
- /* https://calendar.perfplanet.com/2016/no-font-face-bulletproof-syntax/ */
- /* https://www.filamentgroup.com/lab/js-web-fonts.html */
- @font-face {
- font-family: 'EquityTextB';
- src: url('/static/david/css/fonts/Equity-Text-B-Regular-webfont.woff2') format('woff2'),
- url('/static/david/css/fonts/Equity-Text-B-Regular-webfont.woff') format('woff');
- font-weight: 300;
- font-style: normal;
- font-display: swap;
- }
- @font-face {
- font-family: 'EquityTextB';
- src: url('/static/david/css/fonts/Equity-Text-B-Italic-webfont.woff2') format('woff2'),
- url('/static/david/css/fonts/Equity-Text-B-Italic-webfont.woff') format('woff');
- font-weight: 300;
- font-style: italic;
- font-display: swap;
- }
- @font-face {
- font-family: 'EquityTextB';
- src: url('/static/david/css/fonts/Equity-Text-B-Bold-webfont.woff2') format('woff2'),
- url('/static/david/css/fonts/Equity-Text-B-Bold-webfont.woff') format('woff');
- font-weight: 700;
- font-style: normal;
- font-display: swap;
- }
-
- @font-face {
- font-family: 'ConcourseT3';
- src: url('/static/david/css/fonts/concourse_t3_regular-webfont-20190806.woff2') format('woff2'),
- url('/static/david/css/fonts/concourse_t3_regular-webfont-20190806.woff') format('woff');
- font-weight: 300;
- font-style: normal;
- font-display: swap;
- }
-
-
- /* http://practice.typekit.com/lesson/caring-about-opentype-features/ */
- body {
- /* http://www.cssfontstack.com/ Palatino 99% Win 86% Mac */
- font-family: "EquityTextB", Palatino, serif;
- background-color: #f0f0ea;
- color: #07486c;
- font-kerning: normal;
- -moz-osx-font-smoothing: grayscale;
- -webkit-font-smoothing: subpixel-antialiased;
- text-rendering: optimizeLegibility;
- font-variant-ligatures: common-ligatures contextual;
- font-feature-settings: "kern", "liga", "clig", "calt";
- }
- pre, code, kbd, samp, var, tt {
- font-family: 'TriplicateT4c', monospace;
- }
- em {
- font-style: italic;
- color: #323a45;
- }
- strong {
- font-weight: bold;
- color: black;
- }
- nav {
- background-color: #323a45;
- color: #f0f0ea;
- display: flex;
- justify-content: space-around;
- padding: 1rem .5rem;
- }
- nav:last-child {
- border-bottom: 1vh solid #2d7474;
- }
- nav a {
- color: #f0f0ea;
- }
- nav abbr {
- border-bottom: 1px dotted white;
- }
-
- h1 {
- border-top: 1vh solid #2d7474;
- border-bottom: .2vh dotted #2d7474;
- background-color: #e3e1e1;
- color: #323a45;
- text-align: center;
- padding: 5rem 0 4rem 0;
- width: 100%;
- font-family: 'ConcourseT3';
- display: flex;
- flex-direction: column;
- }
- h1.single {
- padding-bottom: 10rem;
- }
- h1 span {
- position: absolute;
- top: 1vh;
- left: 20%;
- line-height: 0;
- }
- h1 span a {
- line-height: 1.7;
- padding: 1rem 1.2rem .6rem 1.2rem;
- border-radius: 0 0 6% 6%;
- background: #2d7474;
- font-size: 1.3rem;
- color: white;
- text-decoration: none;
- }
- h2 {
- margin: 4rem 0 1rem;
- border-top: .2vh solid #2d7474;
- padding-top: 1vh;
- }
- h3 {
- text-align: center;
- margin: 3rem 0 .75em;
- }
- hr {
- height: .4rem;
- width: .4rem;
- border-radius: .4rem;
- background: #07486c;
- margin: 2.5rem auto;
- }
- time {
- display: bloc;
- margin-left: 0 !important;
- }
- ul, ol {
- margin: 2rem;
- }
- ul {
- list-style-type: square;
- }
- a {
- text-decoration-skip-ink: auto;
- text-decoration-thickness: 0.05em;
- text-underline-offset: 0.09em;
- }
- article {
- max-width: 50rem;
- display: flex;
- flex-direction: column;
- margin: 2rem auto;
- }
- article.single {
- border-top: .2vh dotted #2d7474;
- margin: -6rem auto 1rem auto;
- background: #f0f0ea;
- padding: 2rem;
- }
- article p:last-child {
- margin-bottom: 1rem;
- }
- p {
- padding: 0 .5rem;
- margin-left: 3rem;
- }
- p + p,
- figure + p {
- margin-top: 2rem;
- }
-
- blockquote {
- background-color: #e3e1e1;
- border-left: .5vw solid #2d7474;
- display: flex;
- flex-direction: column;
- align-items: center;
- padding: 1rem;
- margin: 1.5rem;
- }
- blockquote cite {
- font-style: italic;
- }
- blockquote p {
- margin-left: 0;
- }
-
- figure {
- border-top: .2vh solid #2d7474;
- background-color: #e3e1e1;
- text-align: center;
- padding: 1.5rem 0;
- margin: 1rem 0 0;
- font-size: 1.5rem;
- width: 100%;
- }
- figure img {
- max-width: 250px;
- max-height: 250px;
- border: .5vw solid #323a45;
- padding: 1px;
- }
- figcaption {
- padding: 1rem;
- line-height: 1.4;
- }
- aside {
- display: flex;
- flex-direction: column;
- background-color: #e3e1e1;
- padding: 1rem 0;
- border-bottom: .2vh solid #07486c;
- }
- aside p {
- max-width: 50rem;
- margin: 0 auto;
- }
-
- /* https://fvsch.com/code/css-locks/ */
- p, li, pre, code, kbd, samp, var, tt, time, details, figcaption {
- font-size: 1rem;
- line-height: calc( 1.5em + 0.2 * 1rem );
- }
- h1 {
- font-size: 1.9rem;
- line-height: calc( 1.2em + 0.2 * 1rem );
- }
- h2 {
- font-size: 1.6rem;
- line-height: calc( 1.3em + 0.2 * 1rem );
- }
- h3 {
- font-size: 1.35rem;
- line-height: calc( 1.4em + 0.2 * 1rem );
- }
- @media (min-width: 20em) {
- /* The (100vw - 20rem) / (50 - 20) part
- resolves to 0-1rem, depending on the
- viewport width (between 20em and 50em). */
- p, li, pre, code, kbd, samp, var, tt, time, details, figcaption {
- font-size: calc( 1rem + .6 * (100vw - 20rem) / (50 - 20) );
- line-height: calc( 1.5em + 0.2 * (100vw - 50rem) / (20 - 50) );
- margin-left: 0;
- }
- h1 {
- font-size: calc( 1.9rem + 1.5 * (100vw - 20rem) / (50 - 20) );
- line-height: calc( 1.2em + 0.2 * (100vw - 50rem) / (20 - 50) );
- }
- h2 {
- font-size: calc( 1.5rem + 1.5 * (100vw - 20rem) / (50 - 20) );
- line-height: calc( 1.3em + 0.2 * (100vw - 50rem) / (20 - 50) );
- }
- h3 {
- font-size: calc( 1.35rem + 1.5 * (100vw - 20rem) / (50 - 20) );
- line-height: calc( 1.4em + 0.2 * (100vw - 50rem) / (20 - 50) );
- }
- }
- @media (min-width: 50em) {
- /* The right part of the addition *must* be a
- rem value. In this example we *could* change
- the whole declaration to font-size:2.5rem,
- but if our baseline value was not expressed
- in rem we would have to use calc. */
- p, li, pre, code, kbd, samp, var, tt, time, details, figcaption {
- font-size: calc( 1rem + .6 * 1rem );
- line-height: 1.5em;
- }
- p, li, pre, details {
- margin-left: 3rem;
- }
- h1 {
- font-size: calc( 1.9rem + 1.5 * 1rem );
- line-height: 1.2em;
- }
- h2 {
- font-size: calc( 1.5rem + 1.5 * 1rem );
- line-height: 1.3em;
- }
- h3 {
- font-size: calc( 1.35rem + 1.5 * 1rem );
- line-height: 1.4em;
- }
- figure img {
- max-width: 500px;
- max-height: 500px;
- }
- }
-
- figure.unsquared {
- margin-bottom: 1.5rem;
- }
- figure.unsquared img {
- height: inherit;
- }
-
-
-
- @media print {
- body { font-size: 100%; }
- a:after { content: " (" attr(href) ")"; }
- a, a:link, a:visited, a:after {
- text-decoration: underline;
- text-shadow: none !important;
- background-image: none !important;
- background: white;
- color: black;
- }
- abbr[title] { border-bottom: 0; }
- abbr[title]:after { content: " (" attr(title) ")"; }
- img { page-break-inside: avoid; }
- @page { margin: 2cm .5cm; }
- h1, h2, h3 { page-break-after: avoid; }
- p3 { orphans: 3; widows: 3; }
- img {
- max-width: 250px !important;
- max-height: 250px !important;
- }
- nav, aside { display: none; }
- }
-
- ul.with_columns {
- column-count: 1;
- }
- @media (min-width: 20em) {
- ul.with_columns {
- column-count: 2;
- }
- }
- @media (min-width: 50em) {
- ul.with_columns {
- column-count: 3;
- }
- }
- ul.with_two_columns {
- column-count: 1;
- }
- @media (min-width: 20em) {
- ul.with_two_columns {
- column-count: 1;
- }
- }
- @media (min-width: 50em) {
- ul.with_two_columns {
- column-count: 2;
- }
- }
-
- .gallery {
- display: flex;
- flex-wrap: wrap;
- justify-content: space-around;
- }
- .gallery figure img {
- margin-left: 1rem;
- margin-right: 1rem;
- }
- .gallery figure figcaption {
- font-family: 'ConcourseT3'
- }
-
- footer {
- font-family: 'ConcourseT3';
- display: flex;
- flex-direction: column;
- border-top: 3px solid white;
- padding: 4rem 0;
- background-color: #07486c;
- color: white;
- }
- footer > * {
- max-width: 50rem;
- margin: 0 auto;
- }
- footer a {
- color: #f1c40f;
- }
- footer .avatar {
- width: 200px;
- height: 200px;
- border-radius: 50%;
- float: left;
- -webkit-shape-outside: circle();
- shape-outside: circle();
- margin-right: 2rem;
- padding: 2px 5px 5px 2px;
- background: white;
- border-left: 1px solid #f1c40f;
- border-top: 1px solid #f1c40f;
- border-right: 5px solid #f1c40f;
- border-bottom: 5px solid #f1c40f;
- }
- </style>
-
- <h1>
- <span><a id="jumper" href="#jumpto" title="Un peu perdu ?">?</a></span>
- Apple Mail Stores Encrypted Emails in Plain Text Database, fix included! (archive)
- <time>Pour la pérennité des contenus liés. Non-indexé, retrait sur simple email.</time>
- </h1>
- <section>
- <article>
- <h3><a href="https://medium.com/@boberito/apple-mail-stores-encrypted-emails-in-plain-text-database-fix-included-3c2369ce26d4">Source originale du contenu</a></h3>
- <div class="ac ae af ag ah do aj ak"><figure class="dq dr ds dt du dv da db paragraph-image"/><div><p id="866b" class="ej ek ar bz el b em en eo ep eq er es"><h1 class="el b em et ar">Apple Mail Stores Encrypted Emails in Plain Text Database, fix included!</h1></p></div><p id="83b8" class="fu fv ar bz fw b fx fy fz ga gb gc gd ge gf gg gh">I was investigating how macOS and Siri suggest contacts and information to you, the user. This led me to the process called <em class="gi">suggestd,</em> run by the system level LaunchAgent <em class="gi">com.apple.suggestd,</em> and the Suggestions folder in the user-level Library folder, which contains multiple files and some potentially important database files (.db files). These are databases with information from Apple Mail and other Apple applications that enable macOS and Siri to become better at suggesting information.</p><p id="e0eb" class="fu fv ar bz fw b fx fy fz ga gb gc gd ge gf gg gh">The main thing I discovered was that the <em class="gi">snippets.db</em> database file in the Suggestions folder stored my emails. And on top of that, I found that it stored my S/MIME encrypted emails completely <strong class="fw gj">UNENCRYPTED</strong>. Even with Siri disabled on the Mac, it <strong class="fw gj">*still*</strong> stores unencrypted messages in this database!</p><p id="1305" class="fu fv ar bz fw b fx fy fz ga gb gc gd ge gf gg gh"><strong class="fw gj">**This is definitely not the expected behavior and can be considered an inadvertent information exposure.**</strong></p><p id="4026" class="fu fv ar bz fw b fx fy fz ga gb gc gd ge gf gg gh">Let me say that again… The <em class="gi">snippets.db</em> database is storing encrypted Apple Mail messages…completely, totally, fully — <strong class="fw gj">UNENCRYPTED — </strong>readable, even with Siri disabled, without requiring the private key. Most would assume that disabling Siri would stop macOS from collecting information on the user. This is a big deal. 
This is a big deal for governments, corporations and regular people who use encrypted email and expect the contents to be protected. Secret or top-secret information, which was sent encrypted, would be exposed via this process and database, as would trade secrets and proprietary data.</p><p id="6cf1" class="fu fv ar bz fw b fx fy fz ga gb gc gd ge gf gg gh">Some may not know what S/SMIME encrypted email is. So, what is it? S/MIME uses a pair of keys to operate — a public key and a private key. Emails are encrypted with the recipient’s public key. The email can only be decrypted with the corresponding private key, which is supposed to be in sole possession of the recipient. If the private key is unavailable or removed, the message should not be readable, by anything. Unless the private key is compromised, you can be confident that only your intended recipient will be able to access the sensitive data in your email.</p><p id="e557" class="fu fv ar bz fw b fx fy fz ga gb gc gd ge gf gg gh">Unfortunately, <em class="gi">snippets.db </em>stores these encrypted messages completely <strong class="fw gj">UNENCRYPTED</strong>, not requiring the private key to read the message. This completely defeats the purpose of utilizing and sending an encrypted email.</p><p id="e71e" class="fu fv ar bz fw b fx fy fz ga gb gc gd ge gf gg gh">Another database, <em class="gi">entities.db</em>, stores records of people’s names, email, and phone numbers you’ve corresponded with. Although the phone number may not be in your contact list, data from emails such as signature blocks and forward information are stored. It’s like an address book built for you. 
This could be touchy, as it may allow quick and easy access to some potentially sensitive information.</p><p id="c869" class="fu fv ar bz fw b fx fy fz ga gb gc gd ge gf gg gh">Although it has been suggested that you must disable Siri from learning from Apple Mail, even if Siri is disabled, I would argue that it still is the incorrect default behavior. Fortunately, I have discovered a way to mitigate the issue.</p><p id="b4fc" class="fu fv ar bz fw b fx fy fz ga gb gc gd ge gf gg gh">There are 3 ways to disable these processes from learning from Apple Mail.</p><ol class=""><li id="6b01" class="fu fv ar bz fw b fx fy fz ga gb gc gd ge gf gg gh gk gl gm">You can manually click the settings, but this does not scale well across an enterprise fleet of Macs.</li></ol><figure class="go gp gq gr gs dv da db paragraph-image"/><blockquote class="gx"><div id="5181" class="gy gz ha bz el b hb hc hd he hf hg gh"><p class="el b hh hi cd">System Preferences → Siri →Siri Suggestions & Privacy →Uncheck the boxes for Apple Mail.</p></div></blockquote><p id="aa35" class="fu fv ar bz fw b fx hj fz hk gb hl gd hm gf hn gh">2. As the user, not with elevated privileges, you can run this command in Terminal to turn off Siri from learning from Apple Mail.</p><blockquote class="ho hp hq"><p id="2cad" class="fu fv ar gi fw b fx fy fz ga gb gc gd ge gf gg gh"><strong class="fw gj">defaults write com.apple.suggestions SiriCanLearnFromAppBlacklist -array com.apple.mail</strong></p></blockquote><p id="5cb5" class="fu fv ar bz fw b fx fy fz ga gb gc gd ge gf gg gh">3. 
You can deploy a System-Level (for all users) configuration profile to turn off Siri from learning from Apple Mail.</p><p id="555d" class="fu fv ar bz fw b fx fy fz ga gb gc gd ge gf gg gh"><a href="https://github.com/boberito/ConfigurationProfiles/blob/master/suggestd.mobileconfig" class="bi cv hr hs ht hu" target="_blank" rel="noopener nofollow">https://github.com/boberito/ConfigurationProfiles/blob/master/suggestd.mobileconfig</a></p><pre class="go gp gq gr gs hv hw hx"><span id="568c" class="hy hz ar bz ia b fc ib ic r id"><?xml version="1.0" encoding="UTF-8"?><br/><!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "<a href="http://www.apple.com/DTDs/PropertyList-1.0.dtd" class="bi cv hr hs ht hu" target="_blank" rel="noopener nofollow">http://www.apple.com/DTDs/PropertyList-1.0.dtd</a>"><br/><plist version="1.0"><br/><dict><br/> <key>PayloadContent</key><br/> <array><br/> <dict><br/> <key>PayloadContent</key><br/> <dict><br/> <key>com.apple.suggestions</key><br/> <dict><br/> <key>Forced</key><br/> <array><br/> <dict><br/> <key>mcx_preference_settings</key><br/> <dict><br/> <key>SiriCanLearnFromAppBlacklist</key><br/> <array><br/> <string>com.apple.mail</string><br/> </array><br/> </dict><br/> </dict><br/> </array><br/> </dict><br/> </dict><br/> <key>PayloadEnabled</key><br/> <true/><br/> <key>PayloadIdentifier</key><br/> <string>MCXToProfile.85654d27-2ffe-4ee5-8ae3-ac63864d6bf3.alacarte.customsettings.73a7cb5a-550b-473d-a191-b8ec261302bd</string><br/> <key>PayloadType</key><br/> <string>com.apple.ManagedClient.preferences</string><br/> <key>PayloadUUID</key><br/> <string>73a7cb5a-550b-473d-a191-b8ec261302bd</string><br/> <key>PayloadVersion</key><br/> <integer>1</integer><br/> </dict><br/> </array><br/> <key>PayloadDescription</key><br/> <string>Disable Apple Mail Siri Suggestions</string><br/> <key>PayloadDisplayName</key><br/> <string>Disable Siri Suggestions</string><br/> <key>PayloadIdentifier</key><br/> <string>suggestd</string><br/> 
<key>PayloadOrganization</key><br/> <string></string><br/> <key>PayloadRemovalDisallowed</key><br/> <true/><br/> <key>PayloadScope</key><br/> <string>System</string><br/> <key>PayloadType</key><br/> <string>Configuration</string><br/> <key>PayloadUUID</key><br/> <string>85654d27-2ffe-4ee5-8ae3-ac63864d6bf3</string><br/> <key>PayloadVersion</key><br/> <integer>1</integer><br/></dict><br/></plist></span></pre><p id="bee5" class="fu fv ar bz fw b fx fy fz ga gb gc gd ge gf gg gh">The third option is the only way to permanently disable macOS and Siri from collecting this Apple Mail information for all users. Whichever way you disable it, you may want to delete the <em class="gi">snippets.db</em> file as well since disabling doesn’t remove previously saved emails. It just stops future ones from populating the database. This needs to be deployed to prevent <em class="gi">suggestd </em>from processing your emails even if Siri is disabled. The interface in the Siri System Preference panel may show it’s checked, but if you uncheck it you can’t re-check it. So, the user interface may not always report properly that it’s enabled or disabled.</p><p id="e281" class="fu fv ar bz fw b fx fy fz ga gb gc gd ge gf gg gh">You can run the following in Terminal to see what the setting’s value is.</p><blockquote class="ho hp hq"><p id="e2aa" class="fu fv ar gi fw b fx fy fz ga gb gc gd ge gf gg gh"><strong class="fw gj">defaults read com.apple.suggestions SiriCanLearnFromAppBlacklist</strong></p></blockquote><p id="9a0f" class="fu fv ar bz fw b fx fy fz ga gb gc gd ge gf gg gh">But even without this setting disabled, there are protections in place, most, not all, of your email messages go into this database. The user-level Library Suggestions folder is supposed to be protected by SIP (sandbox definition file found in <em class="gi">/System/Library/Sandbox/Profiles/com.apple.suggestd.sb</em>) and things like Bash, Zsh or Python are not intended to have access. 
It’s also marked with an extended attribute to prevent backups(<em class="gi">com_apple_backup_excludeItem</em>). Also, if you have FileVault enabled, then you have potentially another layer of protection if someone got their hands on your powered-off Mac.</p><p id="6d76" class="fu fv ar bz fw b fx fy fz ga gb gc gd ge gf gg gh">However, be careful, because anything you grant Full Disk Access to with a Privacy Preferences Policy Control now has access to that directory. For example, when you turn on Remote Login(<em class="gi">sshd</em>) or File Sharing(<em class="gi">smbd</em>) you grant <em class="gi">sshd</em> and <em class="gi">smbd</em> Full Disk Access.</p><p id="049b" class="fu fv ar bz fw b fx fy fz ga gb gc gd ge gf gg gh">Additionally, Finder always has access, so with an AppleScript one could potentially get their hands on these files. Especially, since you’re presented with so many things asking for permission in macOS Catalina, the dialog fatigue is real. Though, if a vulnerability was discovered and taken advantage of in <em class="gi">suggestd</em>, that could be a way to access these emails through <em class="gi">suggestd</em>’s entitlement or honestly anything that’s been granted Full Disk Access. If System Integrity Protection (SIP) is disabled (please don’t disable SIP), then the directory is definitely not protected.</p><p id="ff47" class="fu fv ar bz fw b fx fy fz ga gb gc gd ge gf gg gh">This sums up the positives, so there are protections in place and even a way to stop it, but it’s still an incorrect behavior because even with Siri enabled or disabled it should not be storing encrypted messages completely unencrypted.</p><p id="40e2" class="fu fv ar bz fw b fx fy fz ga gb gc gd ge gf gg gh">The process that controls all of this is called <em class="gi">suggestd</em>. If you’re curious about <em class="gi">suggestd</em>, you can check it out in Activity Viewer. 
Then, with deeper inspection of the process under the Open Files and Ports tab, it shows what databases are being used by <em class="gi">suggestd</em>. If you want to watch <em class="gi">suggestd</em> do its thing live, you can run the following in Terminal.</p><blockquote class="ho hp hq"><p id="d3b8" class="fu fv ar gi fw b fx fy fz ga gb gc gd ge gf gg gh"><strong class="fw gj">log stream --predicate ‘(subsystem ==”com.apple.suggestions”)’ --level info</strong></p></blockquote><p id="bd2a" class="fu fv ar bz fw b fx fy fz ga gb gc gd ge gf gg gh">You can even start another instance of <em class="gi">suggestd</em>.</p><blockquote class="ho hp hq"><p id="ee0f" class="fu fv ar gi fw b fx fy fz ga gb gc gd ge gf gg gh"><strong class="fw gj">/System/Library/PrivateFrameworks/CoreSuggestions.framework/Versions/A/Support/suggestd</strong></p></blockquote><p id="3ebd" class="fu fv ar bz fw b fx fy fz ga gb gc gd ge gf gg gh">I discovered this database and what’s stored there on July 25th and began extensively testing on multiple computers with Apple Mail set up and fully confirming this on July 29th. Later that week, I confirmed this database exists on 10.12 machines up to 10.15 and behaves the same way, storing encrypted messages unencrypted. If you have iCloud enabled and Siri enabled, I know there is some data sent to Apple to help with improving Siri, but I don’t know if that includes information from this database. S/MIME is supported in iOS with Apple Mail, but I haven’t dug into it. I’d imagine it behaves the same but due to the app sandboxing and the security model of iOS, it’d take a lot more to get your hands on that database but maybe not impossible chaining vulnerabilities together. The focus on this has been macOS related.</p></div>
-
- <section class="dj dk dl dm dn"><div class="n p"><div class="ac ae af ag ah do aj ak"><h2 id="dacb" class="hy hz ar bz by io ip iq ir is it iu iv iw ix iy iz">Timeline</h2><p id="b541" class="fu fv ar bz fw b fx ja fz jb gb jc gd jd gf je gh">July 29 —</p><ul class=""><li id="19ca" class="fu fv ar bz fw b fx fy fz ga gb gc gd ge gf gg gh jf gl gm">Reported to product-security@apple.com that this exists in 10.14 and beta of 10.15.</li><li id="36f4" class="fu fv ar bz fw b fx jg fz jh gb ji gd jj gf jk gh jf gl gm">Submitted a ticket to Apple enterprise support.</li><li id="360d" class="fu fv ar bz fw b fx jg fz jh gb ji gd jj gf jk gh jf gl gm">Submitted a bug report ticket through Feedback application using an Apple Business Manager account.</li><li id="9f08" class="fu fv ar bz fw b fx jg fz jh gb ji gd jj gf jk gh jf gl gm">Contacted professional points of contact within Apple.</li><li id="aaa2" class="fu fv ar bz fw b fx jg fz jh gb ji gd jj gf jk gh jf gl gm">Received a response from Apple enterprise support.</li><li id="a603" class="fu fv ar bz fw b fx jg fz jh gb ji gd jj gf jk gh jf gl gm">Received response from professional contacts within Apple.</li></ul><p id="cbbb" class="fu fv ar bz fw b fx fy fz ga gb gc gd ge gf gg gh">July 30 —</p><ul class=""><li id="f030" class="fu fv ar bz fw b fx fy fz ga gb gc gd ge gf gg gh jf gl gm">Reported and updated with all points of contact and tickets that this exists in 10.13.6.</li><li id="c3ce" class="fu fv ar bz fw b fx jg fz jh gb ji gd jj gf jk gh jf gl gm">Received a response from enterprise support that this has been submitted to engineering.</li></ul><p id="5dae" class="fu fv ar bz fw b fx fy fz ga gb gc gd ge gf gg gh">July 31 —</p><ul class=""><li id="0de9" class="fu fv ar bz fw b fx fy fz ga gb gc gd ge gf gg gh jf gl gm">Reported and updated all points of contact and tickets that this exists in 10.12.6.</li><li id="0838" class="fu fv ar bz fw b fx jg fz jh gb ji gd jj gf jk gh jf gl gm">Received response 
from enterprise support thanking me for testing but no update to report yet.</li></ul><p id="34a8" class="fu fv ar bz fw b fx fy fz ga gb gc gd ge gf gg gh">August 1 —</p><ul class=""><li id="b905" class="fu fv ar bz fw b fx fy fz ga gb gc gd ge gf gg gh jf gl gm">Received a response from product security that they are investigating the issue.</li></ul><p id="861d" class="fu fv ar bz fw b fx fy fz ga gb gc gd ge gf gg gh">September 4 —</p><ul class=""><li id="df8a" class="fu fv ar bz fw b fx fy fz ga gb gc gd ge gf gg gh jf gl gm">I sent an update to product security that the problem still exists in Catalina betas.</li></ul><p id="f633" class="fu fv ar bz fw b fx fy fz ga gb gc gd ge gf gg gh">September 9 —</p><ul class=""><li id="f963" class="fu fv ar bz fw b fx fy fz ga gb gc gd ge gf gg gh jf gl gm">Received a response from product security that they are still investigating the issue.</li></ul><p id="2915" class="fu fv ar bz fw b fx fy fz ga gb gc gd ge gf gg gh">October 9 —</p><ul class=""><li id="4d97" class="fu fv ar bz fw b fx fy fz ga gb gc gd ge gf gg gh jf gl gm">Sent an update to product security that the public final release of Catalina still has the issue and that the Supplemental Updates to Mojave did not address it.</li></ul><p id="5421" class="fu fv ar bz fw b fx fy fz ga gb gc gd ge gf gg gh">October 18 —</p><ul class=""><li id="dfb0" class="fu fv ar bz fw b fx fy fz ga gb gc gd ge gf gg gh jf gl gm">Contacted personal contacts within Apple about the issue.</li></ul><p id="636b" class="fu fv ar bz fw b fx fy fz ga gb gc gd ge gf gg gh">October 31 —</p><ul class=""><li id="4b00" class="fu fv ar bz fw b fx fy fz ga gb gc gd ge gf gg gh jf gl gm">Created a new product security ticket for the issue with Apple.</li><li id="b18a" class="fu fv ar bz fw b fx jg fz jh gb ji gd jj gf jk gh jf gl gm">Followed up with Enterprise Support on the severity of the issue again.</li><li id="fea6" class="fu fv ar bz fw b fx jg fz jh gb ji gd jj gf jk gh jf gl 
gm">Emailed Tim Cook.</li></ul><p id="590a" class="fu fv ar bz fw b fx fy fz ga gb gc gd ge gf gg gh">November 5 —</p><ul class=""><li id="414b" class="fu fv ar bz fw b fx fy fz ga gb gc gd ge gf gg gh jf gl gm">Received information from Enterprise Support on disabling learning from Apple Mail through System Preferences →Siri.</li></ul></div></div></section>
-
- <p><hr class="ie fb if ig ih ii ij ik il im in"/><section class="dj dk dl dm dn"><div class="n p"><div class="ac ae af ag ah do aj ak"><p id="4983" class="fu fv ar bz fw b fx fy fz ga gb gc gd ge gf gg gh">It’s been 100 days since I’ve alerted Apple, we’ve seen a security update to macOS Sierra 10.12, security updates to macOS High Sierra 10.13, Supplemental Updates to macOS Mojave 10.14, a security update to macOS Mojave 10.14, macOS Catalina 10.15.0 released, Supplemental Update to 10.15.0, and 10.15.1 release.</p><p id="e9b3" class="fu fv ar bz fw b fx fy fz ga gb gc gd ge gf gg gh">For a company that prides itself on security and privacy, the lack of attention to detail on an issue like this completely and totally surprises me. It brings up the question of what else is tracked and potentially improperly stored without you realizing it. For an operating system that you generally have to change controls to make it less secure, this is a setting that requires you to set to make it more secure and behave correctly. I also have to wonder why it took 99 days for someone to know the answer on how to prevent this. All parties at Apple were alerted multiple times before writing this blog and giving an ample amount of time before I published this. 
The two real main issues here are...</p><ol class=""><li id="2ebc" class="fu fv ar bz fw b fx fy fz ga gb gc gd ge gf gg gh gk gl gm">Disabling Siri doesn’t stop macOS from collecting data for Siri.</li><li id="e407" class="fu fv ar bz fw b fx jg fz jh gb ji gd jj gf jk gh gk gl gm">That with Siri enabled or disabled this process is storing encrypted emails in a database completely unencrypted.</li></ol><p id="064f" class="fu fv ar bz fw b fx fy fz ga gb gc gd ge gf gg gh">If these issues are a concern for you and your organization, consider creating an enterprise support ticket, filing feedback, or contact your representative at Apple and let them know.</p><p id="856f" class="fu fv ar bz fw b fx fy fz ga gb gc gd ge gf gg gh">These views are my own and not the views of my employer. If you have any questions or want more information on this, feel free to contact me on the MacAdmins Slack(boberito), Linkedin(<a href="https://www.linkedin.com/in/bob-gendler-8702014" class="bi cv hr hs ht hu" target="_blank" rel="noopener nofollow">linkedin.com/in/bob-gendler-8702014</a>) or email(<a href="mailto: bobgendler@gmail.com" class="bi cv hr hs ht hu" target="_blank" rel="noopener nofollow">bobgendler@gmail.com</a>).</p><p id="65a7" class="fu fv ar bz fw b fx fy fz ga gb gc gd ge gf gg gh">Below are some screenshots showing an encrypted message being displayed <strong class="fw gj">UNENCRYPTED </strong>with DB Browser for SQLite without requiring the private key. 
Apologies for all the blocked-out areas but I had to hide identifying information.</p></div></div><div class="dv"><div class="n p"><div class="jl jm jn jo jp jq ag jr ah js aj ak"><figure class="go gp gq gr gs dv ju jv paragraph-image"><div class="gt gu ec gv ak"><div class="da db jt"><div class="eb r ec ed"><div class="jw r"><div class="dw dx de t u dy ak ax dz ea"><img class="de t u dy ak ef eg eh" src="https://miro.medium.com/max/60/1*H2RlI9G-zplTUzAcEcQQ7Q.jpeg?q=20" width="2880" height="1800" role="presentation"/></div><img class="dw dx de t u dy ak ei" width="2880" height="1800" role="presentation"/><noscript><img class="de t u dy ak" src="https://miro.medium.com/max/5760/1*H2RlI9G-zplTUzAcEcQQ7Q.jpeg" width="2880" height="1800" role="presentation"/></noscript></div></div></div></div><figcaption class="cd fc jx jy ii dc da db jz ka by fb">macOS Catalina 10.15.0 — Private key removed. Message unreadable in Apple Mail. Message readable in the database.</figcaption></figure><figure class="kc dv ju jv paragraph-image"><div class="gt gu ec gv ak"><div class="da db kb"><div class="eb r ec ed"><div class="kd r"><div class="dw dx de t u dy ak ax dz ea"><img class="de t u dy ak ef eg eh" src="https://miro.medium.com/max/60/1*zmrB-xJUzwc2iNDKUrqLrg.jpeg?q=20" width="2560" height="1440" role="presentation"/></div><img class="dw dx de t u dy ak ei" width="2560" height="1440" role="presentation"/><noscript><img class="de t u dy ak" src="https://miro.medium.com/max/5120/1*zmrB-xJUzwc2iNDKUrqLrg.jpeg" width="2560" height="1440" role="presentation"/></noscript></div></div></div></div><figcaption class="cd fc jx jy ii dc da db jz ka by fb">macOS Mojave 10.14.6 — Private key is available. Message in Apple Mail. 
Message readable in the database.</figcaption></figure><figure class="kc dv ju jv paragraph-image"><div class="gt gu ec gv ak"><div class="da db jt"><div class="eb r ec ed"><div class="jw r"><div class="dw dx de t u dy ak ax dz ea"><img class="de t u dy ak ef eg eh" src="https://miro.medium.com/max/60/1*HLBtssNe4Vnz6wzRywz6Pw.jpeg?q=20" width="2880" height="1800" role="presentation"/></div><img class="dw dx de t u dy ak ei" width="2880" height="1800" role="presentation"/><noscript><img class="de t u dy ak" src="https://miro.medium.com/max/5760/1*HLBtssNe4Vnz6wzRywz6Pw.jpeg" width="2880" height="1800" role="presentation"/></noscript></div></div></div></div><figcaption class="cd fc jx jy ii dc da db jz ka by fb">macOS High Sierra 10.13.6 — Private key removed. Message unreadable in Apple Mail. Message readable in the database.</figcaption></figure><figure class="kc dv ju jv paragraph-image"><div class="gt gu ec gv ak"><div class="da db jt"><div class="eb r ec ed"><div class="jw r"><div class="dw dx de t u dy ak ax dz ea"><img class="de t u dy ak ef eg eh" src="https://miro.medium.com/max/60/1*SVNfpjpAPsicWPWR20n6DA.jpeg?q=20" width="2880" height="1800" role="presentation"/></div><img class="dw dx de t u dy ak ei" width="2880" height="1800" role="presentation"/><noscript><img class="de t u dy ak" src="https://miro.medium.com/max/5760/1*SVNfpjpAPsicWPWR20n6DA.jpeg" width="2880" height="1800" role="presentation"/></noscript></div></div></div></div><figcaption class="cd fc jx jy ii dc da db jz ka by fb">macOS Sierra 10.12.6-Private key is available. Message in Apple Mail. Message readable in the database.</figcaption></figure></div></div></div></section></p>
- </article>
- </section>
-
-
- <nav id="jumpto">
- <p>
- <a href="/david/blog/">Accueil du blog</a> |
- <a href="https://medium.com/@boberito/apple-mail-stores-encrypted-emails-in-plain-text-database-fix-included-3c2369ce26d4">Source originale</a> |
- <a href="/david/stream/2019/">Accueil du flux</a>
- </p>
- </nav>
-
- <footer>
- <div>
- <img src="/static/david/david-larlet-avatar.jpg" loading="lazy" class="avatar" width="200" height="200">
- <p>
- Bonjour/Hi!
- Je suis <a href="/david/" title="Profil public">David Larlet</a>, je vis actuellement à Montréal et j’alimente cet espace depuis 15 ans. <br>
- Si tu as apprécié cette lecture, n’hésite pas à poursuivre ton exploration. Par exemple via les <a href="/david/blog/" title="Expériences bienveillantes">réflexions bimestrielles</a>, la <a href="/david/stream/2019/" title="Pensées (dés)articulées">veille hebdomadaire</a> ou en t’abonnant au <a href="/david/log/" title="S’abonner aux publications via RSS">flux RSS</a> (<a href="/david/blog/2019/flux-rss/" title="Tiens c’est quoi un flux RSS ?">so 2005</a>).
- </p>
- <p>
- Je m’intéresse à la place que je peux avoir dans ce monde. En tant qu’humain, en tant que membre d’une famille et en tant qu’associé d’une coopérative. De temps en temps, je fais aussi des <a href="https://github.com/davidbgk" title="Principalement sur Github mais aussi ailleurs">trucs techniques</a>. Et encore plus rarement, <a href="/david/talks/" title="En ce moment je laisse plutôt la place aux autres">j’en parle</a>.
- </p>
-
- <p>
- Voici quelques articles choisis :
- <a href="/david/blog/2019/faire-equipe/" title="Accéder à l’article complet">Faire équipe</a>,
- <a href="/david/blog/2018/bivouac-automnal/" title="Accéder à l’article complet">Bivouac automnal</a>,
- <a href="/david/blog/2018/commodite-effondrement/" title="Accéder à l’article complet">Commodité et effondrement</a>,
- <a href="/david/blog/2017/donnees-communs/" title="Accéder à l’article complet">Des données aux communs</a>,
- <a href="/david/blog/2016/accompagner-enfant/" title="Accéder à l’article complet">Accompagner un enfant</a>,
- <a href="/david/blog/2016/senior-developer/" title="Accéder à l’article complet">Senior developer</a>,
- <a href="/david/blog/2016/illusion-sociale/" title="Accéder à l’article complet">L’illusion sociale</a>,
- <a href="/david/blog/2016/instantane-scopyleft/" title="Accéder à l’article complet">Instantané Scopyleft</a>,
- <a href="/david/blog/2016/enseigner-web/" title="Accéder à l’article complet">Enseigner le Web</a>,
- <a href="/david/blog/2016/simplicite-defaut/" title="Accéder à l’article complet">Simplicité par défaut</a>,
- <a href="/david/blog/2016/minimalisme-esthetique/" title="Accéder à l’article complet">Minimalisme et esthétique</a>,
- <a href="/david/blog/2014/un-web-omni-present/" title="Accéder à l’article complet">Un web omni-présent</a>,
- <a href="/david/blog/2014/manifeste-developpeur/" title="Accéder à l’article complet">Manifeste de développeur</a>,
- <a href="/david/blog/2013/confort-convivialite/" title="Accéder à l’article complet">Confort et convivialité</a>,
- <a href="/david/blog/2013/testament-numerique/" title="Accéder à l’article complet">Testament numérique</a>,
- et <a href="/david/blog/" title="Accéder aux archives">bien d’autres…</a>
- </p>
- <p>
- On peut <a href="mailto:david%40larlet.fr" title="Envoyer un courriel">échanger par courriel</a>. Si éventuellement tu souhaites que l’on travaille ensemble, tu devrais commencer par consulter le <a href="http://larlet.com">profil dédié à mon activité professionnelle</a> et/ou contacter directement <a href="http://scopyleft.fr/">scopyleft</a>, la <abbr title="Société coopérative et participative">SCOP</abbr> dont je fais partie depuis six ans. Je recommande au préalable de lire <a href="/david/blog/2018/cout-site/" title="Attention ce qui va suivre peut vous choquer">combien coûte un site</a> et pourquoi je suis plutôt favorable à une <a href="/david/pro/devis/" title="Discutons-en !">non-demande de devis</a>.
- </p>
- <p>
- Je ne traque pas ta navigation mais mon
- <abbr title="Alwaysdata, 62 rue Tiquetonne 75002 Paris, +33.184162340">hébergeur</abbr>
- conserve des logs d’accès.
- </p>
- </div>
- </footer>
- <script type="text/javascript">
- ;(_ => {
- const jumper = document.getElementById('jumper')
- jumper.addEventListener('click', e => {
- e.preventDefault()
- const anchor = e.target.getAttribute('href')
- const targetEl = document.getElementById(anchor.substring(1))
- targetEl.scrollIntoView({behavior: 'smooth'})
- })
- })()
- </script>