In a post, IT specialist Bob Gendler shares a new security exploit he has found that allows encrypted emails sent on macOS using Apple Mail to be read.
As The Verge notes, Gendler was investigating how macOS and Siri suggest information to users. Through that investigation he found that macOS stores data from Mail for Siri to use, including encrypted emails; in those system-stored data files, however, the emails were unencrypted.
In his report, Gendler says he tested this and confirmed it works on macOS Catalina, Mojave, High Sierra, and Sierra. Gendler also notes he reported this exploit to Apple on July 29th, only to get a response 99 days later on November 5th.
In a statement to The Verge, Apple has confirmed it is aware of the issue and will address it in a future update, and as The Verge says:
“the fact that Apple is still somehow leaving parts of encrypted emails out in the open, when they’re explicitly supposed to be encrypted, obviously isn’t good.”
It is important to note that this won’t affect everyone, only a handful of users: you would have to be using “macOS, Apple Mail, be sending encrypted emails from Apple Mail, not be using FileVault to encrypt your entire system already, and know exactly where in Apple’s system files to be looking for this information.”
For those who are affected, Apple told Gendler to go to System Preferences, Siri, Siri Suggestions & Privacy, Mail and disable “Learn from this App.” This will prevent the system from storing the emails, but it won’t delete or affect old encrypted emails, which can still be read.
Apple also advises users to turn on FileVault and avoid giving apps full disk access in Catalina. This article will be updated once a fix is released.