Category Archives: GPG Suite

E-Fail attack against GPGTools

Another day, another attack against GnuPG tools. I have long believed that the complicated mechanism GPGTools uses to integrate with the Mail client is vulnerable to attack. Not too long ago, Internet Explorer browser extensions were the attack vector into Windows PCs.

https://it.slashdot.org/story/18/05/25/189253/in-apple-mail-theres-no-protecting-pgp-encrypted-messages

Remember, with NouveauPG the entire app is sandboxed. The only way to get data in or out is by selecting a file using the system file dialog box, or by using the clipboard. No internet access, third-party plug-ins or anything. The only reason encryption is not ubiquitous by now is the usability trade-off. More ‘convenient’ schemes always seem to backfire. NouveauPG is as simple as I know how to make it.

 

GPG Suite security even worse than imagined

Apparently there are security issues with GPG Suite beyond keeping track of users’ IP addresses with an auto-updater.

The leading OpenPGP client for Mac OS X has recently pushed a security update due to a bug that allows a local user to execute shell commands with root privileges.

As if that weren’t enough, by default GPG Suite regularly contacts gpgtools.org to check for updates. So not only does gpgtools.org keep tabs on the IP addresses you use without explicitly getting permission, a carrier or state-level entity could easily compile a list of GPG Suite users by monitoring requests to the gpgtools.org upgrade server (here and here). It doesn’t matter that they are using SSL/TLS, because the private information is your IP address.

Think about it: after a few months, your upstream carrier (or whoever has access to their logs) could compile a list of every IP address that GPG Suite users use. My opinion of GPG Suite users notwithstanding, I am sure they have more interesting data stored on their computers than the average person.

NouveauPG is sandboxed, so it is entitled only to access files selected by the user using the system open and save dialog box. Absolutely no network access allowed. (The only autoupdate mechanism is through the App Store version, which is the same one used for OS X autoupdate. There is no way for a third party other than Apple to know exactly what is being updated, and tracking IPs to the Apple update servers will only give you a list of Macintosh users.)

Activity monitor showing all the unsandboxed processes from a GPG Suite installation.
Activity monitor showing the single sandboxed process for NouveauPG.
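
A sandboxing claim like the one above can be checked against an app's code-signing entitlements. The Python below is an added example, not code from NouveauPG or GPG Suite: it audits an entitlements plist against the policy described in this post (App Sandbox on, user-selected file access only, no network). The sample plists are constructed for illustration and are not the real entitlements of either app, and `audit_entitlements` is a hypothetical helper name.

```python
import plistlib

# Entitlement keys defined by Apple's App Sandbox.
SANDBOX = "com.apple.security.app-sandbox"
USER_FILES = ("com.apple.security.files.user-selected.read-only",
              "com.apple.security.files.user-selected.read-write")
NETWORK = ("com.apple.security.network.client",
           "com.apple.security.network.server")

def audit_entitlements(plist_bytes):
    """Return a list of findings; an empty list means the policy holds."""
    # An app signed without entitlements yields empty output: treat as {}.
    ent = plistlib.loads(plist_bytes) if plist_bytes.strip() else {}
    if ent.get(SANDBOX) is not True:
        return ["not sandboxed: %s is absent or false" % SANDBOX]
    findings = []
    for key, value in sorted(ent.items()):
        # Entitlements set to false grant nothing; the sandbox flag and
        # user-selected file access are what the policy allows.
        if value is False or key == SANDBOX or key in USER_FILES:
            continue
        if key in NETWORK:
            findings.append("network access granted: " + key)
        else:
            findings.append("extra entitlement to review: " + key)
    return findings

# Constructed sample: sandboxed, user-selected files only, no network.
SAMPLE_STRICT = b"""<?xml version="1.0" encoding="UTF-8"?>
<plist version="1.0"><dict>
  <key>com.apple.security.app-sandbox</key><true/>
  <key>com.apple.security.files.user-selected.read-write</key><true/>
</dict></plist>"""

# Constructed sample: sandboxed, but allowed to open outbound connections.
SAMPLE_NETWORKED = plistlib.dumps({
    SANDBOX: True, USER_FILES[1]: True, NETWORK[0]: True, NETWORK[1]: False})

# Constructed sample: no entitlements at all, i.e. an unsandboxed process.
SAMPLE_UNSANDBOXED = b""

if __name__ == "__main__":
    for name, data in [("strict", SAMPLE_STRICT),
                       ("networked", SAMPLE_NETWORKED),
                       ("unsandboxed", SAMPLE_UNSANDBOXED)]:
        print(name, audit_entitlements(data) or "policy holds")
```

On a Mac, the input is the plist that `codesign -d --entitlements :- <path to .app>` prints for the installed application.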