Why I prefer PGP/INLINE over PGP/MIME in Thunderbird/Enigmail

Due to the recent Enigmail security issue, where e-mail drafts could end up unencrypted on IMAP servers. (You might wonder, no, Whonix was luckily not affected by this, because the version in Debian wheezy did not have that bug.)

In the PGP/INLINE example I can be more assured, that the text was that it really converted to encrypted ciphertext before sending – because I can see it.


As opposed to PGP/MIME, where I need to trust more, that Enigmail won’t mess that up.


Using option ‘Confirm, before sending’ set to ‘Always’, that I highly recommend to prevent messing up.

Patrick started developing Whonix, the Anonymous Operating System in 2012, when quickly others joined efforts. He collected experiences working pseudonymous on Whonix for two years, enjoys collaboratively working on privacy preserving software.

Posted in General Security News

Start the discussion at forums.whonix.org