Back in July of this year, information security specialist Bob Gendler, specializing in problems with Apple devices, discoveredthat Apple Mail on macOS stores encrypted plaintext letters in the snippets.db database.
As Gandler explains on his blog, the problem is due to the Siri function, which allows the voice assistant to provide information for communication at the request of the owner. Siri uses the suggestd process to collect contact information from various applications. Everything that the assistant finds is stored in the snippets.db file, in case the user ever needs the information.
Gendler found that even if the user configured Apple Mail to send and receive encrypted correspondence, Siri would still collect unencrypted versions of the letters and save parts of them in the database. The problem manifests itself in all versions of macOS from Sierra to Catalina.
“This is a serious problem for governments, corporations, and ordinary people who use encrypted email and expect their content to be protected. Because of this database and the process, secret and top-secret information transmitted in encrypted form can be disclosed, just like commercial secrets and confidential data, ”the researcher writes.
Although Apple had more than 90 days to fix the problem, there are still no patches, although the company has already reported mass mediathat intends to fix the vulnerability soon.
In the meantime, Gendler explains that simply disabling Siri will not help, instead you need to prevent the assistant from viewing encrypted messages from Apple Mail. This can be done in several ways, for example, through the settings (System Preferences> Siri> Siri Suggestions & Privacy), unchecking Apple Mail, or by launching the Mac Terminal (fairly common user rights) and the command “defaults write com.apple.suggestions SiriCanLearnFromAppBlacklist – array com.apple.mail ". After that, you will also have to manually delete the snippets.db file located in / Users / (username) / Library / Suggestions /.