Re: Thunderbird + Enigmail + saving draft with encryption
On 2/2/19, Thomas D Dial <tdial@acm.org> wrote:
> I noticed this a few weeks or a month ago and took it to be a somewhat
> inelegant, maybe incompletely implemented, feature intended to improve
> metadata security. I believe "Encrypted message" also becomes the
> subject of the transmitted message.
>
> Exposure of the metadata showing who is in contact with whom, and when,
> is pretty much inescapable, but the subject line, which is not
> encrypted, also can provide useful information to an eavesdropper, even
> if she cannot decrypt the message body. This is noted in some PGP or GPG
> documentation I have seen, accompanied by recommendations to obscure the
> Subject: line and put the true subject within the body.
That's what I was thinking as I read this thread. That's a perfect
spot for it... right at the top of the email's main content/body where
it then sits ready for a quick copy-cut-paste when the time's
appropriate.
It would be like how at least some of us temporarily save intended
recipient email addresses in that same spot while saving draft email
copies. That's an old netiquette type trick so that things fail in the
event we accidentally click "Send" instead of "Save Draft" or their
equivalents across email clients. :)
That part I read about how subject lines all look the same once
encrypted > GACK! It sounds like there's room for a wishlist bug
report about an option to somehow save a tickler of a reminder instead
of the real subject. A key as to the meaning of that tickler could
then be saved elsewhere, e.g. as a handwritten note, in the same way
passwords are occasionally saved on scraps of paper scattered
everywhere. :)
Cindy :)
--
Cindy-Sue Causey
Talking Rock, Pickens County, Georgia, USA
* runs with birdseed *
Reply to: