How to Remove GPGTools/GPGMail Encryption Plugin From Apple Mail

by

GPGMailSecurity researchers are warning users of PGP/GPG email encryption plugins not to use the software, after critical vulnerabilities were discovered that could potentially be used reveal the plaintext of encrypted emails.

The official advice from security researchers is to disable and/or uninstall the affected software until the vulnerabilities are disclosed and fixes can be issued. In the meantime, users are advised to seek alternative end-to-end encrypted channels such as Signal to send and receive sensitive content.

This short how-to guides users through the steps necessary to remove the popular open-source encryption plugin GPG Tools (GPGMail) from Apple Mail. It requires deleting a "bundle" file used by the app. Users' existing encryption keys are not affected by the procedure and will remain on their hard disk. GPGTools has also since published a temporary workaround that it believes mitigates against similar so-called "Efail" attacks.

How to Uninstall GPG Tools from Apple Mail

  1. Quit Apple Mail if it is running (Mail -> Quit Mail in the menu bar).

  2. Click on the desktop and in the Finder menu bar, select Go -> Go to Folder....
    go to folder menu bar

  3. In the Go to Folder dialog that appears, type /Library/Mail/Bundles and click Go.
    go to mail folder

  4. Delete the GPGMail.mailbundle file by either dragging it to the trash in your dock or by right-clicking (Ctrl-clicking) it and selecting Move to Trash in the contextual dropdown menu. If you don't see the mailbundle file, return to the previous step but type ~/Library/Mail/Bundles in the Go to Folder dialog (note the tilde (~) character denotes your home folder).
    delete mailbundle gpg

  5. Enter your administrator password if prompted to confirm the action.

After following the above steps, the GPG Tools email plugin will be gone from Apple Mail the next time you launch the client.

Top Rated Comments

CarlJ Avatar
35 months ago

That’s not good. But uninstalling is an overreaction. Wait for a fix.

Agreed. This article seems akin to "Researchers have discovered that seatbelts don't always work - here's how to cut them out of your car" (the dealer will really appreciate that when you take it in for repair). Well, great, when they come up with an updated app, it'll be harder to get it installed. How about just hold off on encrypting things for a bit.
[doublepost=1526316516][/doublepost]

The official advice from security researchers is to disable and/or uninstall the affected software until the vulnerabilities are disclosed and fixes can be issued. In the meantime, users are advised to seek alternative end-to-end encrypted channels ...

This short how-to guides users through the steps necessary to remove the popular open-source encryption plugin GPG Tools (GPGMail) ('https://gpgtools.org') from Apple Mail.

This article seems ill-advised. How about telling people how to temporarily disable the software, rather than rushing through a multi-step process to delete it?
Score: 2 Votes (Like | Disagree)
Westside guy Avatar
35 months ago
Removing it seems like overkill, assuming the fix is indeed “coming very soon”. It’s easy to have it off by default (which is how I use it - it’s uncommon for me to need to send an encrypted email, but occasionally the need is there).

It is also unclear whether my encrypted emails are affected since I use plaintext emails by default.
Score: 1 Votes (Like | Disagree)
Detektiv-Pinky Avatar
35 months ago
I don't think removing PGP is solving any problem.

If, as the researchers claim, any previously send Email is at risk, removing the software now does not magically makes these Emails secure.

At the moment too little is known to fully understand the problem. Most security problems require certain elements to make an attack successful in the wild. From what I have gathered so far, the attack is successful against MIME-encoded Emails. So changing your Email-settings to send them as 'plain-text' may be far more effective than blindly uninstalling PGP.
Score: 1 Votes (Like | Disagree)
Telos101 Avatar
35 months ago

I don't think removing PGP is solving any problem.

If, as the researchers claim, any previously send Email is at risk, removing the software now does not magically makes these Emails secure.

As I understand it, the uninstall advice from EFF seems to be a protective measure for people who expect the encryption to 'just work' in their mail app of choice. At least this way they know their emails aren't secure and can choose a different means of communicating. Signal does seem a good alternative for now.
Score: 1 Votes (Like | Disagree)

Top Stories

iphone 5s black slate

Images of Unreleased iPhone 5s in Black and Slate Shared Online

Sunday January 17, 2021 9:47 am PST by
Twitter user @DongleBookPro has today shared images of a prototype iPhone 5s in an unreleased Black and Slate color. The iPhone 5s was launched in September 2013. The device featured Touch ID, a 64-bit processor, and a True Tone LED flash for the first time. Other new features included a five-element lens with an f/2.2 aperture, a 15 percent larger camera sensor, Burst Mode, and Slo-Mo...
iP12 charge airpods feature 2

Hidden iPhone 12 Hardware Feature Could Still be Unlocked

Thursday January 14, 2021 2:51 am PST by
All iPhone 12 and iPhone 12 Pro models purportedly have a hidden reverse wireless charging feature, according to an FCC filing. The feature has not yet been activated, but could yet be unlocked for an upcoming Apple accessory. The FCC filing suggests that iPhone 12 models contain the hardware for Wireless Power Transfer (WPT) to accessories: In addition to being able to be charged by a...
Top Stories 43 Feature

Top Stories: MacBook Pro, iMac, Mac Pro, and iPhone Rumors, Best of CES 2021

Saturday January 16, 2021 6:00 am PST by
This week was sure a busy one in the Apple world, with a flurry of announcements out of CES early in the week followed by a rash of Mac- and iPhone-related rumors later in the week. The new rumors this week included details on updated MacBook Pro, iMac, and Mac Pro models, as well as a few other tidbits, so make sure to read on below to get caught up! Kuo: New MacBook Pro Models to...
foldable iPhone concept feature

Apple Testing In-Display Fingerprint Sensor for iPhone 13, Foldable iPhone Also in the Works

Friday January 15, 2021 1:46 pm PST by
Apple has started "early work" on an iPhone that has a foldable display, according to a new report from Bloomberg's Mark Gurman. Though testing of a foldable iPhone has begun, Apple has not committed to releasing a device that has a foldable display. Development has not yet expanded beyond a display and Apple does not have full foldable iPhone prototypes in its labs. Like foldable...
16inchmacbookpromain

Kuo: New MacBook Pro Models to Feature Flat-Edged Design, MagSafe, No Touch Bar and More Ports

Thursday January 14, 2021 9:32 pm PST by
Apple is working on two new MacBook Pro models that will feature significant design changes, well-respected Apple analyst Ming-Chi Kuo said today in a note to investors that was obtained by MacRumors. According to Kuo, Apple is developing two models in 14 and 16-inch size options. The new MacBook Pro machines will feature a flat-edged design, which Kuo describes as "similar to the iPhone 12" ...
macbook pro flexgate

Apple Extends 13-Inch MacBook Pro Backlight Repair Program

Sunday January 17, 2021 10:31 am PST by
Apple this week extended its worldwide 13-inch MacBook Pro Display Backlight Service Program, authorizing coverage for eligible notebooks for up to five years after the original purchase date or up to three years after the start date of the program, whichever is longer. The previous cutoff was four years after the original purchase date. Apple launched the program on May 21, 2019 after...
iphone x camera close

iOS 14.4 Will Introduce Warning on iPhones With Non-Genuine Cameras

Thursday January 14, 2021 8:07 am PST by
In the second beta of iOS 14.4 seeded to developers and public testers this week, MacRumors contributor Steve Moser has discovered code indicating that Apple will be introducing a new warning on iPhones that have had their camera repaired or replaced with aftermarket components rather than genuine Apple components. "Unable to verify this iPhone has a genuine Apple camera," the message will...
Apple TV Ray Light 2 Triad

Apple Extends Free Apple TV+ Trials Until July

Friday January 15, 2021 10:50 am PST by
Apple is once again planning to extend its free Apple TV+ trial subscriptions, this time until July. When Apple TV+ launched in November 2019, Apple offered free Apple TV+ subscriptions to those who purchased a new Apple device in or after September 2019. Those free subscriptions were set to expire in November 2020, but in October 2020, Apple announced that it was extending free trials...
mac pro mini feature

Apple Working on Two New Mac Pro Desktops, One of Which Will Be Reminiscent of Power Mac G4 Cube

Friday January 15, 2021 10:23 am PST by
Apple is developing two versions of the Mac Pro to succeed the Mac Pro that was first released in December 2019, according to a new report from Bloomberg. The first updated Mac Pro is a direct successor to the current Mac Pro and it will use the same design. It may also be equipped with Intel processors rather than Apple silicon chips, and it could be one of the sole machines in the Mac...
macbook pro magsafe

MagSafe is Coming Back to the Mac: A Look Back at Apple's Original Magnetic Charging Technology

Friday January 15, 2021 12:16 pm PST by
Surprise late night rumors last night provided us with our first in-depth look at what we can expect from the new MacBook Pro models that are coming in 2021, and there are some significant changes in the works. Along with additional ports, a new flat-edged design, and the removal of the Touch Bar, Apple's updated MacBook Pro machines will readopt MagSafe. MagSafe in the 2021 MacBook Pro...