Apple is storing the emails sent by Apple Mail in a plain text database instead of an encrypted one.
According to many users, Apple is one of the safest tech companies. But according to a blog post written by an Apple-focused IT specialist, Bob Gendler, it may not be as safe as we think. He was trying to figure out how macOS and Siri can make suggestions to the users accurately, he noticed that a database storing information from Apple Mail was used by Siri. The problem is, snippets.db was storing the unencrypted versions of the emails that he sent.
Apple is aware of the issue for months
Gendler claims that most of the recent macOS releases, Cataline, Mojave, High Sierra, and Sierra have this issue. Snippets.db doesn’t contain the whole email, but instead a portion of the email. Gendler also says that he contacted Apple about the issue on July 29th and the company still didn’t fix the issue at patches since.
Although Apple suggested him a temporary solution. If you can go to System Preferences > Siri > Siri Suggestions & Privacy > Mail and switch the “Learn from this App” to off, your emails will not be collected by snippets.db from now on. Apple also claims that they are aware of this issue and it will be addressed in a future software update. You can read more at Bob Gendler’s blog.
Stay tuned for up-to-date Cyber Security News