There is a vulnerability in Apple Mail that allows emails sent encrypted to end up unencrypted on internal storage. Apple promises to fix the security problem after a researcher found it months ago.
In a response to The Verge, Apple said it is aware of the problem with Apple Mail, and that it will be fixed in a future software update. It is not clear when that software update will be released. The leak was discovered by security researcher Bob Gendler, who informed Apple at the end of July, he reports in a blog post on Medium.
Gendler found database files on the internal storage of a macOS device that Siri uses to make recommendations to the system owner. It does this, among other things, by looking at the content of e-mails, which also concern encrypted e-mails. One of those database files, called snippets.db, contains the unencrypted content of emails sent encrypted via Apple Mail.
The vulnerability could allow a potential hacker to read the contents of encrypted emails. However, it should be noted that the risk of email theft is probably very low. It must be encrypted e-mails sent from Apple Mail, and where the user has not otherwise applied encryption to the file system. A hacker must also be able to make the database files accessible themselves.
According to Gendler, the encrypted emails are also stored in snippets.db when Siri is disabled. In addition, this happens in several versions of MacOS; Gendler has tried it with Catalina, Mojave, High Sierra and Sierra. However, it is possible to disable the saving of the emails, by indicating this in the privacy settings for Siri.