Endpoint Encryption

Encryption Desktop BUGS - pssphrs caching, viewer, etc, PROBLEMS!

  • 1.  Encryption Desktop BUGS - pssphrs caching, viewer, etc, PROBLEMS!

    Posted Aug 11, 2013 01:39 PM

    mac os 10.8.4

    encryption desktop 10.3.0MP3

     

    ISSUE 1:

     

    email from apple mail is decrypted in viewer without requiring passphrase!!!  how IS THIS POSSIBLE??  

    i have retain passphrase set to never (although it always seems to reset to 3 seconds??? issue 1b.)

    even after PURGING CACHES and restarting, and canceling all prompts to enter passphrases, an email dragged into pgp viewer WILL STILL DECRYPT, AND THEN ALERTS POP SAYING 'ERROR NO PGP CONTENT', EVEN THOUGH THE 'CONTENT' IS BEING PLAINLY DISPLAYED IN THE VIEWER.

    THIS IS BROKEN/BUGGY/SERIOUSLY WRONG APP BEHAVIOUR.

    someone please explain.  i searched my system keychain on the 'off chance' that pgp decided to cookie my passphrase or something like that.. but could find nothing but website passes (which is good).... 

    so i am very perplexed and concerned.  do others have this experience???

     

    ISSUE 2:

     

    email containing pgp ciphertext.  when the whole cipher block is cut and pasted into viewer, usually the first line or so of text is missing in the cleartext decrypt.. also, attachments (photos, files, etc) do not show up properly, usually not at all.

    HOWEVER

    when the SAME email is dragged from mail to viewer, it decrypts and displays properly--

    THIS IS BUGGY/HIGHLY UNUSABLE BEHAVIOUR.  WHY WHY WHY?? after so many iterations is this product still so fickle??

    making me have to move and resize windows so i can juggle and drag an email into viewer instead of right-click 'decrypt' is insanely annoying and frustrating...

     

    ISSUE 3:

     

    WHAT does 'purge caches' do if the passphrases are ALWAYS still there after purge, even after restart...???? 

     

    ANY INFO ON ANY OF THIS, ESPECIALLY THE FIRST WOULD BE MUCH MUCH APPRECIATED.

     

    symantec better get on the ball here, the encryption game is going to break wide open and they can be at the front of the line, but not if they keep letting this product be so obtuse.  they will get scooped.  handily.

    AND, just to be fully bitchy, the navigation of this website is STILL really aggravating.  links for login and discussions and posting are SO hard to find... i know i'm not the first to make this 'observation'... it's definitely the third time i've been forced to mention it.

     

    ok.  thank you very much for the help.

     



  • 2.  RE: Encryption Desktop BUGS - pssphrs caching, viewer, etc, PROBLEMS!

    Posted Aug 11, 2013 07:00 PM

    We spent a bit of time investigating a bug report from a customer that was exactly like your first issue (PGP Viewer on OSX decrypts email without requiring a passphrase).  We could not reproduce it.  And though the customer did not believe it to be the case, it turns out that they had chosen to cache the key passphrase in the OSX Keychain (they needed to be convinced of this, by examining the Keychain entries).  Is your key passphrase similarly cached?  The "passphrase cache" used by PGP Desktop/PGP Viewer (which is handled by the PGP SDK) is the one that you can set to timeout or purge, and is completely separate from the OSX Keychain cache.

    Regards,

     



  • 3.  RE: Encryption Desktop BUGS - pssphrs caching, viewer, etc, PROBLEMS!

    Posted Aug 11, 2013 07:12 PM

    i would not have knowingly done this, however i also did assume this to be the case, because otherwise i couldn't understand how this issue could occur.  so, that's why i scoured the keychains, as i said.  the only pgp entries i found were cookies for the websites.  would it by chance be named something else?  can you help me find it if it is indeed the case?

    also, at what point would this 'decision' be made to cache the passphrase?  i have used pgp for many years, so i feel quite comfortable with its use, i have NEVER chosen to cache a passphrase.  also, i was under the impression that osx keychain for pgp passphrase was disabled, is that not the case?

     

    thanks for your help.



  • 4.  RE: Encryption Desktop BUGS - pssphrs caching, viewer, etc, PROBLEMS!

    Posted Aug 11, 2013 11:57 PM

    If you reboot your system, and you can decrypt data using your private key, but you are not prompted to enter a passphrase, then either your key has no passphrase, or the passphrase is cached in the Keychain. Your private key is encrypted to a symmetric key derived from your passphrase, and there is no way the private key can be used otherwise.

    The entries in the Keychain are named based on your email address, and will be in the "login" Keychain.  If you sort by "Kind", look for "PGP Passphrase" as the "Kind" of Keychain entry.

     



  • 5.  RE: Encryption Desktop BUGS - pssphrs caching, viewer, etc, PROBLEMS!

    Posted Aug 12, 2013 03:41 AM

    yes, i know this.  i have nothing called pgp passphrase in any keychain that i can find.  nothing whatsoever called pgp in any field *except* the aforementioned web site passwords.  i do happen to have several plain "<keys>", that are rsa 512b, with no other id'ing info on them in name or attributes.  6 or 7 of those in each keychain.  no idea who made them, what they're for. seem to be private keys for decrypting, so perhaps .. i don't know where i would have gotten them.  but don't just want to throw them out unless i really can't solve this issue.

     

    this am, upon full restart, the exact same behaviour is happening.

     

    once again i check in pgp settings and the setting for save passphrase is set to its default 10 seconds again, although i had set it to NOT SAVE PASSPHRASE, again, and saved, last time i quit out.  this setting IS NOT STICKING.

    i have pictures to illustrate what happens.  cold start.  open pgp viewer, move windows so i can easily drag an encrypted email to the viewer window, drag and drop and poof, decrypts-- just as the alerts pop up to say 'enter passphrase for this key'.. in this case the alert for the key for the email decrypt is asked twice, and then another window below pops asking for the default key passphrase because i have a pgp partition set to mount at login.  i usually just cancel out of that and go on my way if i don't need the partition at startup.  so, cancelling these brings up the 'sorry no pgp content error' even though the content is clearly still decrypted in the viewer.  and it stays there after i cancel out of all these spurious alerts.

     

    so.  what gives?  where can i track down this mysterious passphrase cache, keychain??  would it be in application support folder perhaps?  or prefs??

     

    THANK YOU FOR HELPING TRACK THIS DOWN.

     

     



  • 6.  RE: Encryption Desktop BUGS - pssphrs caching, viewer, etc, PROBLEMS!

    Posted Aug 12, 2013 04:55 AM

    after a few more restarts and after repairing permissions and running keychain first aid, the problem persists.

    i even tried unmounting my backup drive and trying the routine again thinking perhaps there is an old keychain somewhere that is holding onto this passphrase... but same issue.

    i would like to know if others have this experience, if it's only me i can't understand--A: how this would have happened, as i've never checked 'save passphrase to keychain'; and--B: why is this all of the sudden happening now, after years of using pgp?  like 10 years it must be.  i have emails from jon callas in 2004 when he was doing the tech supp!

    i have only recently been using pgp viewer, however, and this seems to be the app with the issue.  other pgp functions such as contextual menu encrypt/decrypt work requiring passphrases, pgp disks require their phrases as normal. and viewer seems to work fine, properly, if i'm dragging a .pgp file from the finder level.  but when dragging email from mail, the viewer seems to retain a passphrase even though it CLEARLY thinks it's not, as it asks every time for the passphrase, and when i cancel it tells me 'oops, no pgp content detected'--the default answer for canceling the authentication--however, what it doesn't seem aware of is that IT HAS ALREADY DECRYPTED THE DATA AND IS DISPLAYING IT AT THAT VERY MOMENT.  something's wrong, no?

    we deal with sensitive intellectual property every day all day here and rely on pgp (except the couple years back when it was totally fubar'd on mac and we were forced to switch to truecrypt for a year...fun..) to keep it secure as it travels back and forth across the globe.  over private ip, over harddrive sneaker net, whathaveyou, it's pgp'd.  to think that some of the client software is caching passphrases on computers in the wild is EXTREMELY CONCERNING.

    please help me track this down.  thanks very much.



  • 7.  RE: Encryption Desktop BUGS - pssphrs caching, viewer, etc, PROBLEMS!

    Posted Aug 13, 2013 01:48 AM

    I can understand that you are concerned.

    It sounds like PGP Viewer is working properly (prompting for a passphrase) for files, but not for a particular email message.  Is that correct?  Does the problem occur with all email messages, or just one (or a few)?  If you have a friend send you a new email, does PGP Viewer prompt for a passphrase when you try to open it?

    Is it possible that the email you are dragging doesn't, in fact, have any PGP content, or was already decrypted?  PGP Viewer has a "Copy to Inbox" feature that will put a decrypted copy back into your inbox. Find the actual message on-disk (rather than in your email client) and examine it to see if it has pgp data inside.

     



  • 8.  RE: Encryption Desktop BUGS - pssphrs caching, viewer, etc, PROBLEMS!

    Posted Aug 13, 2013 05:33 AM

    no, it is not possible that the email has no pgp content.  i have been using pgp for more than 12 years.  i suppose i understand that you have to ask, but... 

    i drag a pgp encrypted email to pgp viewer after not ever entering a passphrase and the plaintext is displayed and then several popups occur asking for the passphrase.  when i cancel out of the alerts dialogues, i get the second alert saying there is no pgp content.  although the content is still displayed.  i do not use the 'copy to inbox' function ever, so everything in the inbox should still be encrypted.  it is encrypted when i open it in mail.  

    this happens with messages sent from a third party as well as messages i've sent to myself.

    see accompanying screenshots.

     

    thanks.

     

    also, any thoughts on the other issues from my orig post?

     

    thx.

     

     

     



  • 9.  RE: Encryption Desktop BUGS - pssphrs caching, viewer, etc, PROBLEMS!

    Posted Aug 13, 2013 05:42 AM

    ok, i just tried an inbound email from years ago and that worked properly.  viewer asked for a passphrase (same key) before decrypting.  repeatable.  so.  why are all these latest emails caching the plaintext, or the passphrase?  i have never checked those boxes, so i'm perplexed as to how this is happening.  it is disconcerting.  however, it is good to know that it isn't across the board auto-decryption.  i cannot explain this, and wish someone could.

    are there any settings i'm missing??  i can't think what, i've been through every menu item of pgp and viewer and mail.  this has not ever happened before, in years; it's only since the mp3 update as far as i can tell.

     

    thanks.



  • 10.  RE: Encryption Desktop BUGS - pssphrs caching, viewer, etc, PROBLEMS!

    Posted Aug 13, 2013 01:26 PM

    There isn't any setting that would affect the behavior of some files but not others.  Nor is there a way for the passphrase to be cached (across reboots, no less) for some files but not others.  Plaintext can be "cached" by choosing to copy the decrypted message back into your inbox.

    The interesting thing to me is the message "no PGP content detected".  That makes me think that this individual message isn't actually encrypted to your key.  You should examine the message file directly in your filesystem.
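
Added example, not part of any post in this thread and not Symantec code: replies 7 and 10 suggest examining the message file on disk for PGP data. This Python sketch classifies each MIME part of a raw message as armored PGP, cleartext, or a mix of both; the function names, verdict labels and sample message are constructed for illustration, and the `.emlx` handling assumes Apple Mail's layout of a byte-count line, the message, then a plist.

```python
import email
import re
from email import policy

# Matches one ASCII-armored OpenPGP message block.
ARMOR = re.compile(r"-----BEGIN PGP MESSAGE-----.*?-----END PGP MESSAGE-----", re.S)

def strip_emlx(raw: bytes) -> bytes:
    """Assumed .emlx layout: byte-count line, RFC 822 message, then a plist."""
    first, _, rest = raw.partition(b"\n")
    return rest[:int(first)] if first.strip().isdigit() else raw

def classify_parts(raw: bytes):
    """Return (content_type, verdict) for every leaf MIME part."""
    msg = email.message_from_bytes(strip_emlx(raw), policy=policy.default)
    out = []
    for part in msg.walk():
        if part.is_multipart():
            continue
        body = (part.get_payload(decode=True) or b"").decode("utf-8", "replace")
        outside = ARMOR.sub("", body).strip()  # text left outside any armor
        if part.get_content_type() == "application/pgp-encrypted":
            verdict = "pgp-control"            # PGP/MIME "Version: 1" part
        elif not ARMOR.search(body):
            verdict = "cleartext" if outside else "empty"
        else:
            # Armor markers only show the part is PGP data, not which key.
            verdict = "mixed" if outside else "armored"
        out.append((part.get_content_type(), verdict))
    return out

# Constructed sample: one cleartext part and one armored part in one message.
SAMPLE = b"""From: alice@example.test
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/plain

Earlier reply quoted in the clear.
--b1
Content-Type: text/plain

-----BEGIN PGP MESSAGE-----

Y29uc3RydWN0ZWQgc2FtcGxl
-----END PGP MESSAGE-----
--b1--
"""

print(classify_parts(SAMPLE))
```

A `cleartext` or `mixed` verdict on any part means the file holds text that can be displayed with no passphrase, whatever the mail client shows for the message as a whole.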

     



  • 11.  RE: Encryption Desktop BUGS - pssphrs caching, viewer, etc, PROBLEMS!

    Posted Aug 14, 2013 06:49 AM

    oh yes, it's encrypted.  i can see looking at the raw source it's signed and the whole body is a pgp block.  gpg deals with it just fine.



  • 12.  RE: Encryption Desktop BUGS - pssphrs caching, viewer, etc, PROBLEMS!

    Posted Aug 15, 2013 01:39 AM

    I want to make sure I understand the behavior and what you are seeing exactly.

    Use case #1:

    You reboot your computer.  You launch PGP Viewer.  You drag an (older) encrypted email into Viewer.  You are prompted to enter your passphrase.  If you click Cancel, no message content is displayed.

    Use case #2:

    You reboot your computer.  You launch PGP Viewer.  You drag a newer encrypted email into Viewer.  You are prompted to enter your passphrase.  If you click Cancel, you get message content displayed.

    Is this effectively it?

    If the data is truly encrypted, would you mind sending me a copy?  (Or if this is repeatable, sending me a "test" email that experiences the problem.)

    Thanks.



  • 13.  RE: Encryption Desktop BUGS - pssphrs caching, viewer, etc, PROBLEMS!

    Posted Aug 15, 2013 05:46 AM

    yes, this is exactly what happens in both scenarios.

     

    i'd be happy to send you the emails i've tested with, i've pm'd you the source files.  

    let me know anything you figure out.. i still find this behavior fishy, and never seen it before, but i'm now starting to think that pgpviewer is 'decrypting' a whole thread of email - even though i'm dragging only one, and the one that pops up in plaintext is actually unencrypted somewhere in the thread (although i can't see..) this is the only thing that makes sense to me... still this is very odd behavior that other apps don't do.  is this maybe just a way that pgpviewer interacts with mail?

     

    thanks again for taking the time to sort this.