A new security flaw has surfaced concerning deleted email on your decive running 3.0 or 3.1 firmware.  A video has been posted that reveals the issue.  If you think your email has been deleted once you delete it from your iPhone/Touch, think again.

During the demonstration, the user deletes an email from their POP account.  Once you delete the email go back to the home screen and slide over to the search spotlight.  After you type the subject of the “deleted” email, you will see two of them listed.  The first time you try to open one of them up, mail will try to open but crashes.  However, on the second try you will be able to successfully open the content of that “deleted” email.

This is not only happening with POP accounts but with IMAP.  The flaw resides withing 3.0 and 3.1 firmware.  Even if the email is deleted from the server, it will not clear from the cache.  Obviously, the process 3.0 caches is assumed that it helps speed up the searches but also is leaving some doors open.

If one is already paranoid enough by carrying email on their iPhone, this will send them overboard.  Sensitive data may still lay hidden under the covers until Apple releases their next fix.

No related posts.

Related posts brought to you by Yet Another Related Posts Plugin.

 Print

 Email