Why I prefer PGP/INLINE over PGP/MIME in Thunderbird/Enigmail

Due to the recent Enigmail security issue, where e-mail drafts could end up unencrypted on IMAP servers. (You might wonder, no, Whonix was luckily not affected by this, because the version in Debian wheezy did not have that bug.)

In the PGP/INLINE example I can be more assured, that the text was that it really converted to encrypted ciphertext before sending – because I can see it.

PGP INLINE

As opposed to PGP/MIME, where I need to trust more, that Enigmail won’t mess that up.

PGP MIME

Using option ‘Confirm, before sending’ set to ‘Always’, that I highly recommend to prevent messing up.

Patrick Schleizer on sabbloggerPatrick Schleizer on sabemailPatrick Schleizer on sabfacebookPatrick Schleizer on sabgithubPatrick Schleizer on sabtwitter
Patrick Schleizer
Developer and maintainer at Whonix
Patrick started developing Whonix, the Anonymous Operating System in 2012, when quickly others joined efforts. He collected experiences working pseudonymous on Whonix for two years, enjoys collaboratively working on privacy preserving software.

Patrick started developing Whonix, the Anonymous Operating System in 2012, when quickly others joined efforts. He collected experiences working pseudonymous on Whonix for two years, enjoys collaboratively working on privacy preserving software.

Posted in General Security News

Start the discussion at forums.whonix.org