Enigmail, the famous Thunderbird extension for encrypted and trusted mail, integrated a new so-called “Junior mode” a few months back. This mode uses “pep” (Pretty Easy Privacy) and is activated by default. Recently, German IT magazine c’t uncovered that pep has a critical bug on Windows, resulting in Enigmail sending cleartext instead of encrypted mail. Even though this massive fault doesn’t seem to affect Linux or MacOS, I just don’t like it when applications try to hide the “complicated” parts responsible for security, trying to make it easier but instead just obscuring what’s happening.
Additionally, QA or testing seems to either just not happen at all or be broken at the pep foundation, which is another reason why I don’t want to use their software.
Don’t get me wrong, making encrypted and trusted mail easier so that anyone can use it is a very noble idea and I absolutely support it. Dealing with key pairs is just something that the average user rightfully doesn’t want to bother with, and mobile messengers solve this problem much more elegantly than e-mail currently does. I just don’t think that forcing a module broken in such an obvious way on a massive, at least semi-advanced user base is a good idea.
According to the Enigmail devs, having pep activated by default is a “desired feature”. That might be true to them but I beg to differ. Even though pep is activated by default, deactivating it is pretty easy (hehe), contrary to encrypted mail in 2018. Just two more clicks added to your Thunderbird setup routine in the end.
Open Thunderbird and click on the “burger” menu in the top right corner. Click on Preferences -> Preferences and switch to the Privacy tab.
In this tab, select “Force using S/MIME and Enigmail”.