One-time Encryption Glitch on Forwarding
Today I attempted to forward a cleartext email.
1. I input the address, added my text to the beginning of the
email,
2. Clicked to encrypt/sign it.
3. Clicked send and the email was sending (without a prompt for GPG
pass)! After it was sent GPG asked for a password. Why? I didn't
send to myself, but a colleague. Oops!
4. Checking the inbox, I see that my message IS somehow
encrypted!
5. I click to open another message and return to the crypted
message again. It prompts for password. Ok. After entering, I can
see my typed text but the FORWARDED text below is all
scrambled!
6. Tested again after a restart and I couldn't get it to do it
again.
7. Started checking settings -GPG Prefs was set to remember for 240
seconds. After seeing this I went ahead and set the GPG Preferences
(in System Preferences) to "Remember pass phrases for 0 seconds".
Please advise if this is indeed most secure (as I assume it is
without breaking anything).
It may have something to do with the character set in the
original email, but not sure. (Content-Type: text/plain;
charset=ISO-8859-15
Content-Transfer-Encoding: 8bit), If any of you get a moment to try
this, please do. I know this is a strange one..... In this case it
happened to be an automatically generated password email which I
forwarded on, but I didn't want to forward in the clear. I hope
this makes sense. If I can duplicate this, I'll let you know.
Unfortunately, I can't give you that email as it contains sensitive
info. Ask if there's anything else specific that would help.
Comments are currently closed for this discussion. You can start a new one.
Keyboard shortcuts
Generic
? | Show this help |
---|---|
ESC | Blurs the current field |
Comment Form
r | Focus the comment reply box |
---|---|
^ + ↩ | Submit the comment |
You can use Command ⌘
instead of Control ^
on Mac
Support Staff 1 Posted by Luke Le on 21 Oct, 2012 12:20 AM
Hi!
Ha, indeed sounds like a strange problem.
Currently extremely busy, but we will try to recreate this early next week and will let you know what we find.
Are you able to re-produce it yourself or was it a one time thing?
By the way, the 0 seconds caching of passphrases is definitely the safest option.
I use it myself for testing and hasn't shown any problems so far.
2 Posted by MacPomoc.pl on 21 Oct, 2012 10:16 AM
Hi. You can mark this closed for now. I truly believe it was related to password caching and/or the ISO type somehow. I just wanted to report the anomaly just in case. After trying to reproduce this several times I can't .
Thanks.
Support Staff 3 Posted by Luke Le on 21 Oct, 2012 10:26 AM
Oooh, one thing you might be seeing is a BCC bug which we haven't found the solution for yet.
In very few cases GPGMail adds your address to the BCC recipients list.
What I don't understand is, why the forwared text is scrambled. GPGMail should not process that at all.
I'll keep this open. Maybe you still manage to reproduce it.
Thanks :)!
Steve closed this discussion on 20 Jan, 2013 06:56 PM.