-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 09/15/2013 05:39 PM, Patrick Brunschwig wrote: > On 14.09.13 14:15, Max Maass wrote: >> On 09/14/2013 01:56 PM, Lars Noodén wrote: >>> Hi, > >>> I notice that if a message draft is started encrypted and then >>> postponed, it becomes unencrypted when the message is >>> continued. The box becomes unchecked in the Encrypt Message >>> checkbox under the OpenPGP menu. Then, unless encryption is >>> re-specified right away, the draft seems to get saved >>> unencrypted in the drafts folder. This save is automatic after >>> a few minutes, so there is only a short window to manually >>> restore the missing encryption. That exposes the contents of >>> the message if no action is taken. > >>> This happens every time a message is started, postponed and >>> then resumed. > >>> The steps to reproduce it are as follows: > >>> 1. start a message with encryption 2. save it and then >>> postpone it, closing the message 3. find the unfinished >>> message in the appropriate drafts folder and resume editing 4. >>> either wait for the message to be saved (unencrypted) or repeat >>> steps 2 and 3. > >>> The message will go from being encrypted to being unencrypted >>> every time. > >> I can confirm this behaviour on Linux x64 with latest (non-beta) >> Enigmail and Thunderbird 17.0.8 (latest from ubuntu >> repositories). Never noticed it before, but this is a big >> information leak. > > Is my understanding correct that you only get this behavior if the > draft message is _not_ shown before you continue editing it, e.g. > if the preview pane is off? > > -Patrick
It seems to happen even with the preview pane open at the bottom of the window. Try closing and opening the message again. It will go to plain text if encryption is not manually reselected again each time. (I'm not sure of the names. The preview pane is the pane at the bottom of the window under the pane with the list of message subjects, right? ) /Lars -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.14 (GNU/Linux) Comment: GPGTools - http://gpgtools.org Comment: Using GnuPG with undefined - http://www.enigmail.net/ iEYEARECAAYFAlI1x8gACgkQfz2bZ9qH75ppnACfTmJZJutxSLn1Nm9qY9Ap9gm+ sxQAnRoFRgQ0w+VHCCbUlCmpSGjxAPBT =v2N7 -----END PGP SIGNATURE----- _______________________________________________ enigmail-users mailing list enigmail-users@enigmail.net https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
