GPG4Win needs Internet access - why?

anon56090073 · February 21, 2013, 8:17am

Hello,

I use Thunderbird with Enigmail (both together with Windows). I also use GPG4Win. Different parts of GPG4Win repeatedly request access to the Internet, e.g. when I am clicking on an encrypted email in Thunderbird.

Why does GPG4Win need access to the Internet?
What kind of data are transmitted?

Seeing that access to the Internet is requested, I do not really feel secure about GPG4Win (and Enigmail)…

Thanks for any explanations.

anon11516178 · February 21, 2013, 8:53pm

Wow – that is very disturbing.

It makes me doubt that even open source encryption software can be trusted to keep your private information private.

When it comes to security, I am beginning to think that it is a serious mistake to use any code you haven’t written yourself.

anon78379145 · February 21, 2013, 10:20pm

Well - what about ‘works as designed?’
E. g. you receive an e-mail with an unknown signature - and key-servers have to be contacted to check that signature.
And maybe there is just an option to check for updates of one of its elements (gnupg, kleopatra etc.).

Therefore: Please provide much more information about when which IP-addresses should be contacted.

Bernd

anon11516178 · February 22, 2013, 2:08am

Bernd,

Are you aware of any utility that allows the user to specify which programs may access which IP addresses under which circumstances? That is, something like an open-source ZoneAlarm with finer control?

Or a utility that allows the user to verify that a program like gpg4win is only checking for an update and nothing more?

These things would be very useful…

anon56090073 · February 26, 2013, 6:44am

Hello Bernd,

thank you very much for your answer.

Maybe it works “as designed” but in this case it is not designed to build confidence:

The files

gpg2.exe
gpg-agent.exe
gpgsm.exe
dbus-daemon.exe
kbuildsycoca4.exe

repeatedly want to access the IP 127.0.0.1.

Even when I am clicking on “old messages” in my Thunderbird, at least one of these files tries to connect to the Internet. So, someone might keep track of when I read messages… (or even more). That is not exactly what you want if you encrypt your emails, right?

anon78379145 · February 26, 2013, 7:23am

Hello!

That’s the IP of your network-interface-card (NIC); cf.
https://de.wikipedia.org/wiki/Localhost

But I do not know why it contacts itself.

Bernd Leutenecker

anon56090073 · February 27, 2013, 6:51am

Hi Bernd,

ok, that was my mistake!

I still dislike this mechanism because I don’t think it’s possible for my firewall to distinguish between the local host and remote hosts. So, there’s no effective control if the program wants to connect to the Internet.

Anyways, at least I do know now why there are so many firewall events. Maybe I find a way to work around it…

Thank you very much for your explanation.

Best regards
Franz