$bbtitle
Apple Stock: 196.19 ( +2.07 )
RSS RSS Twitter Twitter
Search:
AppleInsider.com Archives News Bytes Reviews Anonymous Mailer Submit Story AppleInsider Forums Mac Prices Polls Advertise on AppleInsider Contact AppleInsider
Save over $268 on MacBook Pros and $150 on iMacs with special coupons: Mac Pricing Guide updated Feb. 9th (Find the best prices on Macs).
Tuesday, August 18, 2009

Apple aware of iPhone OS 3.0 e-mail security bug

By Sam Oliver

Published: 09:20 AM EST

iPad hands-on preview
The act of deleting an e-mail within iPhone OS 3.0 isn't enough to destroy its contents, and Apple is reportedly aware of the flaw and could be working on a fix.

Citing a source within Apple, Gizmodo stated that the fix will likely come in iPhone OS 3.1 for the iPhone and iPod touch. The problem, first discovered by Cult of Mac, happens when a user attempts to delete an e-mail. Even after emptying the Mail application's trash, the message -- and all of its contents -- are still accessible through the phone's Spotlight search feature.

To test the flaw, delete a message within the iPhone's Mail software. Remove it from the trash, and check your mail server to ensure it's erased. Then, search for the subject line of the message in Spotlight, where, in many cases, the entire message can still be read.

While some reports allege both IMAP and POP accounts are affected, a number of AppleInsider readers have commented that IMAP accounts are in fact not vulnerable to the Spotlight bug.

"As far as I can tell, there is no way to completely delete emails from iPhone OS 3.0, which isn't just strange, it's a disastrous security flaw," John Herrman writes for Gizmodo.

The site's internal tipster doesn't give any certainty, though, only saying Apple will "probably" include a fix in the upcoming iPhone OS update.

Matt Janssen created a video to demonstrate the security flaw. In it, he said that he has been able to find e-mails that are "over three or four months old." He shows off the bug on a second-generation iPod touch using software 3.0, and pulls up a message he deleted from June. When opening the mail through Spotlight, Mail crashes at first, but after opening a second time, the message can be opened in the mail inbox as message "1 of 0."

"These messages are still on the iPod somewhere, even after you delete them, but you can't find them without searching for them," Janssen said. "Like I said, this is a security issue, a bug, and hopefully Apple will fix it in some later releases."

Spotlight search is a new feature of the latest iPhone software, released in June. It offers global search capabilities, which enable users to quickly find apps, notes, e-mails, calendar events, contacts, music and other media files.
Filed under : iPhone 40 Comments ] 
Story topics: iPod touch, Security, iPhone 3.0 Software   Print ] [ Story Link ] 

AppleInsider seeks night/weekend writer-editor.
Mac Poker players can play Full Tilt Poker for Mac and get 100% to $600 free with bonus code MP600, courtesy of Online Poker Mac
AppleInsider Features
Hot Forum Topics

Recent Articles
Parallels takes virtualization speed crown in head-to-head with VMware
Apple releases iPhone OS 3.2 SDK for iPad
Apple seen extending exclusive iPhone deal with AT&T
iTunes price increases mean slower sales for music labels
Apple introduces 64-bit Aperture 3 with Faces and Places
Apple's share of U.S. smartphone market grows to 25% - study
iPhone OS 3.1.3 sees 14% adoption in 6 days, new hack released
Amazon rethinking Kindle in the wake of Apple iPad
Purported 4th gen Apple iPhone parts show largely unchanged design
Execs say Apple could lower iPad price if market demands it - report
Consumers lose interest in iPad after Apple's unveiling - survey
Higher Amazon e-book prices expected to coincide with iPad launch
Inside Apple's iPad: VGA video output
Unannounced Core i7 Apple MacBook Pro surfaces in benchmarks logs
Apple's new beta of Mac OS X 10.6.3 includes few changes
One in five physicians likely to purchase Apple iPad - study
Sling Media says it didn't change iPhone SlingPlayer to appease AT&T
Credit Suisse: 75% chance AT&T keeps iPhone exclusivity in 2010
Apple denying iPhone apps that use location framework for targeted ads
Apple's iPad deal gives Hachette pricing leverage against Amazon
Eccentric but effective Steve Jobs pitches iPad to NYT execs
Owners of flickering 27-inch iMacs claim 15% refund from Apple
IDC: Apple iPhone was No. 3 smartphone in 2009 with 14.4% of market
Future Apple iPhones could share current location during a call
AT&T, Sling Media partner to allow 3G access on iPhone SlingPlayer
Apple's iTunes Preview now offers browser-based App Store access
Amazon acquires touch-screen maker for future Kindle project
Nehalem Mac Pro systems suffer audio-based performance issues
Two new hires are Apple's latest moves in mobile advertising
AT&T outbid Verizon with cheaper Apple iPad data plans - rumor
Apple seen moving 2M iPads in 2010 before sales 'catalyst' emerges
Apple iPad deal pushes another publisher to renegotiate with Amazon
Apple allegedly selects new manufacturer for next-gen iPhone
ScrollMotion tapped by publishers to develop textbook apps for iPad
Apple denies iMac production halt as shipment times improve
Apple releases iPhone OS 3.1.3 with battery reporting fix
U.S. senator presses Apple on human rights practices in China
Photo of Apple's next-generation iPhone in the wild - sources
Despite sales growth, Apple's iPhone loses market share - report
Intel 6-core i7-powered Mac Pro rumored to launch this month

 
Advertisements








AppleInsider RSS Feed
AppleInsider © 1997-2008
Please review our Privacy Policy.
Written/Edited/Compiled by the AppleInsider Staff.