Posted at July 28, 2014
A couple of weeks ago, a good friend of mine @napoleon, was testing out the Mailvelope extension/add-on. He was interested in the idea of using OpenPGP encryption with Gmail. During his evaluation he noticed that Mailvelope likes to use the "Comment" armor header to advertise itself. This is a problem in a world where NSA targeted surveillance is real. Using OpenPGP suggests that you have the technical know-how to be private and that will likely make you interesting to the NSA and Xkeyscore. You should take care to disclose as little as possible about the privacy tools you use, if only to make it harder to run automated, targetted attacks against your computers and accounts. While @napoleon was patching the Mailvelope JS to disable its meta-data leak—because there is no config switch to turn it off—I took a look at Thunderbird with the Enigmail add-on and discovered a number of similar meta-data leaks, all of which can be stopped with just a little tweaking.
The first meta-data leak in Thunderbird is the "User-Agent" header that identifies Thunderbird as the software that generated the email:
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.0
To disable the "User-Agent" header, follow these steps:
What you just did was tell Thunderbird that you want override the value of the "User-Agent" header in emails. By leaving the value blank, Thunderbird will not add the "User-Agent" header to emails at all.
Then meta-data leak is a header added to all emails that advertises Enigmail—and its version—as the encryption tool used to encrypt/sign the email:
To disable the "X-Enigmail-Version" header, follow these steps:
You just told Enigmail that you do not want it to add any headers to your emails.
In addition to email headers, the OpenPGP format described in RFC 4880 specifies a number of armor headers that can be included in the OpenPGP message block. One of the headers is a "Comment" used for any user-defined data. Mailvelope uses the "Comment" armor header to advertise itself and so does Enigmail:
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
To disable the "Comment" armor header, follow these steps:
This seems like a bug in logic inversion to me. The default comment is the advertisement for engimail and it would seem like making the setting "false" would prevent it from adding the default comment. But, after testing both values, making the value "true" for this setting disables the "Comment" armor header.
The last meta-data leak is another armor header that Enigmail uses to advertise the OpenPGP tool and version that it used to sign and/or encrypt the email message:
Version: GnuPG v1
To disable the "Version" armor header, follow these steps:
You are telling Enigmail to use the "--no-version" parameter when it executes GnuPG to encrypt and/or sign your email message. That prevents GnuPG from adding the "Version" armor header to its output.
After making these changes to your stock Thunderbird and Enigmail installation, the encrypted emails you send will be much more sanitary and will disclose less information about the tools you use.