diff options
| author | paz <paz@nadir.org> | 2020-10-13 17:21:12 +0200 |
|---|---|---|
| committer | paz <paz@nadir.org> | 2020-10-13 17:21:12 +0200 |
| commit | 3f69b2012cc108c52a6ea6a4e7c2f8fd12955d63 (patch) | |
| tree | a56f1c03ab8941ab7737ec5d78a4f08aa074b69b | |
| parent | 8a1436bd2a5025b8736dd48ded298436e770d7d0 (diff) | |
News: Warn about Thunderbird attaching public keys
| -rw-r--r-- | _posts/2020-10-13-thunderbird-attaching-keys.md | 15 |
1 files changed, 15 insertions, 0 deletions
diff --git a/_posts/2020-10-13-thunderbird-attaching-keys.md b/_posts/2020-10-13-thunderbird-attaching-keys.md new file mode 100644 index 0000000..a50ff18 --- /dev/null +++ b/_posts/2020-10-13-thunderbird-attaching-keys.md @@ -0,0 +1,15 @@ +--- +layout: post +title: "Beware of Thunderbird 78 attaching keys" +date: "2020-10-13" +--- + +This is a warning about Thunderbird version 78 and later versions: + +Please be aware that since version 78, Thunderbird by default attaches your public key to every outgoing, signed email. With normal emails this is not a problem. +With emails to a schleuder-list that contain X-RESEND it's different though: it reveals the public key of the actual sender, which probably leaks information about your email address and maybe name to the recipients. + +To prevent that, please de-select `Attach My Public Key` from the `Options`-menu _in each X-RESEND email_. + +As of now there is no option to generally disable attaching your key. [It has already been wished for](https://bugzilla.mozilla.org/show_bug.cgi?id=1654950), though. + |