or Connect
AppleInsider › Forums › Mobile › iPhone › Apple aware of iPhone OS 3.0 e-mail security bug
New Posts  All Forums:Forum Nav:

Apple aware of iPhone OS 3.0 e-mail security bug

post #1 of 41
Thread Starter 
The act of deleting an e-mail within iPhone OS 3.0 isn't enough to destroy its contents, and Apple is reportedly aware of the flaw and could be working on a fix.

Citing a source within Apple, Gizmodo stated that the fix will likely come in iPhone OS 3.1 for the iPhone and iPod touch. The problem, first discovered by Cult of Mac, happens when a user attempts to delete an e-mail. Even after emptying the Mail application's trash, the message -- and all of its contents -- are still accessible through the phone's Spotlight search feature.

To test the flaw, delete a message within the iPhone's Mail software. Remove it from the trash, and check your mail server to ensure it's erased. Then, search for the subject line of the message in Spotlight, where, in many cases, the entire message can still be read.

While some reports allege both IMAP and POP accounts are affected, a number of AppleInsider readers have commented that IMAP accounts are in fact not vulnerable to the Spotlight bug.

"As far as I can tell, there is no way to completely delete emails from iPhone OS 3.0, which isn't just strange, it's a disastrous security flaw," John Herrman writes for Gizmodo.

The site's internal tipster doesn't give any certainty, though, only saying Apple will "probably" include a fix in the upcoming iPhone OS update.

Matt Janssen created a video to demonstrate the security flaw. In it, he said that he has been able to find e-mails that are "over three or four months old." He shows off the bug on a second-generation iPod touch using software 3.0, and pulls up a message he deleted from June. When opening the mail through Spotlight, Mail crashes at first, but after opening a second time, the message can be opened in the mail inbox as message "1 of 0."

"These messages are still on the iPod somewhere, even after you delete them, but you can't find them without searching for them," Janssen said. "Like I said, this is a security issue, a bug, and hopefully Apple will fix it in some later releases."

Spotlight search is a new feature of the latest iPhone software, released in June. It offers global search capabilities, which enable users to quickly find apps, notes, e-mails, calendar events, contacts, music and other media files.

post #2 of 41
If there's no restore function for old files then why didn't they program the phone to actually delete the file? Something's stinky here. Like they made it so if it's needed, the GOVERNMENT could pull up all your activity on the phone and analyze your behavior!

THE GOVERNMENT MAN!

Or it could be just a meaningless glitch that some people will make too big of a deal out of. If anything, they should exploit the glitch, and allow people to actually search all their past emails. There's been a few times on my phone that I wish I hadn't deleted an email.
post #3 of 41
Quote:
Originally Posted by chronster View Post

If there's no restore function for old files then why didn't they program the phone to actually delete the file? Something's stinky here. Like they made it so if it's needed, the GOVERNMENT could pull up all your activity on the phone and analyze your behavior!

THE GOVERNMENT MAN!

Or it could be just a meaningless glitch that some people will make too big of a deal out of. If anything, they should exploit the glitch, and allow people to actually search all their past emails. There's been a few times on my phone that I wish I hadn't deleted an email.

I'd settle for an option to secure delete if required or just delete and the latter with a find in trash and restore option. I assume the wipe when lost function is a secure wipe.
Been using Apple since Apple ][ - Long on AAPL so biased
nMac Pro 6 Core, MacBookPro i7, MacBookPro i5, iPhones 5 and 5s, iPad Air, 2013 Mac mini, SE30, IIFx, Towers; G4 & G3.
Reply
Been using Apple since Apple ][ - Long on AAPL so biased
nMac Pro 6 Core, MacBookPro i7, MacBookPro i5, iPhones 5 and 5s, iPad Air, 2013 Mac mini, SE30, IIFx, Towers; G4 & G3.
Reply
post #4 of 41
Quote:
"As far as I can tell, there is no way to completely delete emails from iPhone OS 3.0, which isn't just strange, it's a disastrous security flaw."

No, Spotlight is just that good.
post #5 of 41
So, if you receive lots of emails with attachments, would this not continue to take up space on your iPhone or touch?

I'd also like a Restore feature, but am more interested in actually having my Trashed email properly gone.
post #6 of 41
Deleted mail really disappear when my iPhone goes/is put to sleep. Configuration iPhone 3G 3.0.1 16 GB
post #7 of 41
Quote:
Originally Posted by AppleInsider View Post


"As far as I can tell, there is no way to completely delete emails from iPhone OS 3.0, which isn't just strange, it's a disastrous security flaw," John Herrman writes for Gizmodo.

How is this a disastrous security flaw? What scenario presents this as a security flaw?
post #8 of 41
Quote:
Originally Posted by steviet02 View Post

How is this a disastrous security flaw? What scenario presents this as a security flaw?

It lies beneath.
post #9 of 41
Quote:
Originally Posted by AppleInsider View Post

"As far as I can tell, there is no way to completely delete emails from iPhone OS 3.0, which isn't just strange, it's a disastrous security flaw," John Herrman writes for Gizmodo.

I think characterizing this a, "a disastrous security flaw," is something of over-the-top hyperbole. There's no demonstrated malware risk associated with this, and it would only seem to be a problem of sensitive, deleted emails being viewable if your iPhone falls into the hands of someone with nefarious intent, which would probably only potentially affect a very small percentage of iPhone users. (OK, well, the "government" could theoretically view this too, and although I'm a very strong privacy advocate, I think this is a case where, unless you are involved in illegal activities, you don't have anything to worry about as a consequence. Although, it's probably worth noting that certain harmless activities might not be legal in some localities, but, still, I think "disastrous" is a bit overstating the case here.)

For me, at least, the greater concern is that, if all those deleted emails, and attachments, one assumes, are still there on my iPhone, they are eating up my storage space, which I may need for something else. I'd also be concerned if there are other things that are not actually getting deleted, but not viewable through Spotlight: apps, app data, caches, etc.
post #10 of 41
Quote:
Originally Posted by steviet02 View Post

How is this a disastrous security flaw? What scenario presents this as a security flaw?

I don't see how it would be a security flaw for the iphone per say, but more for it's users. If someone has confidential information in a work email and they thought they deleted everything, then someone steals the phone, that information can easily be accessed. Stuff like login information, delivery dates, blah blah blah.
post #11 of 41
Quote:
Originally Posted by digitalclips View Post

I'd settle for an option to secure delete if required or just delete and the latter with a find in trash and restore option. I assume the wipe when lost function is a secure wipe.

While they are at it, providing a simple "delete now" that actually deletes instead of just transferring it into a "trash" mailbox would be desirable.

Saving things in the trash is for sissies that can't make a decision IMO. I empty my trash every single time there is anything in it on the desktop and I'd love to have the option of simply having things delete when I hit the delete key. Especially since Time Machine there is just no reason for a two (or more) stage deletion process.

You can empty the trash mailbox on the iPhone just like you can empty your trash-can on the desktop but it's a tedious four or five stage process as opposed to the two or three stage one on the Mac. The only automatic deletion feature on the iPhone, set to the shortest possible time period, still keeps everything in your trash for a full day, (which is about 23 hours 55 minutes longer than I want it to be there), and is a security risk in itself.

If you can't simply delete sensitive information when you want to, and know that it's deleted as opposed to being in some "trash" folder on a server or on your own device, how secure are you in the first place?
In Windows, a window can be a document, it can be an application, or it can be a window that contains other documents or applications. Theres just no consistency. Its just a big grab bag of monkey...
Reply
In Windows, a window can be a document, it can be an application, or it can be a window that contains other documents or applications. Theres just no consistency. Its just a big grab bag of monkey...
Reply
post #12 of 41
This isn't a bug, it's an unreleased TIme Machine option for the iPhone
post #13 of 41
i found a real a fix!!!!

just go to the settings and disable e-mail in spotlight search!!
post #14 of 41
I couldn't duplicate it on my iPhone 3GS using my SMTP email account.
post #15 of 41
Personally, I've found that spotlight is even more amazing than people know...

it finds emails that haven't even been written yet!

(BTW, I recommend the Broncos for next year... who would have guessed!?!)
post #16 of 41
Err, message from Cluetown: when you delete files from a computer (which is what the iPhone is) they're NEVER really deleted unless some security program is invoked to overwrite them. Instead the file system's pointer to their location is deleted or toggled off. This would be somewhat similar to erasing a chapter listing from a book's table of contents, but leaving the pages themselves in the book. All of us have computer hard drives that are brimming with supposedly deleted files; it's simply that an undelete utility is required to recover them.

This bug, which hardly rises to a level of much significance, could lie in the iPhone's file system, or might be a Spotlight implementation issue.
post #17 of 41
Quote:
Originally Posted by crisss1205 View Post

i found a real a fix!!!!

just go to the settings and disable e-mail in spotlight search!!



You found a workaround, not a fix. That is a good idea for some, but not for those who use spotlight to search for e-mail content.
post #18 of 41
Quote:
Originally Posted by Voxer18 View Post

I couldn't duplicate it on my iPhone 3GS using my SMTP email account.

The bug only works for old-fashioned POP email accounts, not sure what an "SMTP" email account would be, but if you are using IMAP like most of the modern world, this isn't even an issue.

Something that the article above would do well to update with.
It's been identified as a "spotlight caching issue" on POP email accounts only.
In Windows, a window can be a document, it can be an application, or it can be a window that contains other documents or applications. Theres just no consistency. Its just a big grab bag of monkey...
Reply
In Windows, a window can be a document, it can be an application, or it can be a window that contains other documents or applications. Theres just no consistency. Its just a big grab bag of monkey...
Reply
post #19 of 41
Quote:
Originally Posted by NeilM View Post

Err, message from Cluetown: when you delete files from a computer (which is what the iPhone is) they're NEVER really deleted unless some security program is invoked to overwrite them. Instead the file system's pointer to their location is deleted or toggled off. This would be somewhat similar to erasing a chapter listing from a book's table of contents, but leaving the pages themselves in the book. All of us have computer hard drives that are brimming with supposedly deleted files; it's simply that an undelete utility is required to recover them.

This bug, which hardly rises to a level of much significance, could lie in the iPhone's file system, or might be a Spotlight implementation issue.

Well, yes, it does depend on the exact nature of the bug (and the file system) how serious a problem this really is. Yes, the data of deleted files are still there on your computer, immediately after you delete them, but, over time, the areas of storage occupied are typically, wholly or partially, overwritten with other data, so that the data can't really be considered persistent. One question in this instance would be: just how persistent are these emails? Will they eventually be "deleted", and under what circumstances?

If it were a flaw in the file system or Spotlight, one might expect that other apps, like Contacts, would exhibit similar behavior (although, not necessarily). On the other hand, it might be some artifact in Mail left over from development -- i.e., someone forgot to remove or uncomment some code that prevents or performs the actual file system deletion.
post #20 of 41
Quote:
Originally Posted by ghostface147 View Post

You found a workaround, not a fix. That is a good idea for some, but not for those who use spotlight to search for e-mail content.

Well, I'm not even sure it's a workaround since someone in possession of your phone can turn it back on.
post #21 of 41
Quote:
Originally Posted by Virgil-TB2 View Post

The bug only works for old-fashioned POP email accounts, not sure what an "SMTP" email account would be, but if you are using IMAP like most of the modern world, this isn't even an issue.

Something that the article above would do well to update with.
It's been identified as a "spotlight caching issue" on POP email accounts only.

I verified this: on my Imap (MobileMe) account, email is deleted after sleep; unfortunately not so on My POP accounts.
post #22 of 41
Quote:
Originally Posted by AppleInsider View Post

Even after emptying the Mail application's trash, the message -- and all of its contents -- are still accessible through the phone's Spotlight search feature.

I've tested this on my iPhone, and, although these do show up in Spotlight searches, if you select an email found by Spotlight that's been deleted from the Trash folder, Mail does not display the contents of the email -- i.e., only the Subject and From of the mail are displayed by Spotlight, at least for POP accounts and messages no longer on the POP server. Shutting down and restarting has no effect on this behavior: the messages info continues to be displayed by Spotlight.
post #23 of 41
might explain why i suddenly have more free space on my laptop

i have an HP laptop with a 150GB hard drive. until last week it had 10GB free and i've had a 32GB iphone since launch day.

on friday i wipe and install Windows 7 from scratch. I had the beta and installed the RTM. restored my itunes and all my other files and i now have around 60GB free space. figure another 20GB that I deleted files that i didn't need anymore and that's 40GB free.

i have my iphone linked to my MS Exchange mailbox and sync several times a day. maybe it was backing up all my supposedly deleted emails as well?
post #24 of 41
Quote:
Originally Posted by crisss1205 View Post

i found a real a fix!!!!

just go to the settings and disable e-mail in spotlight search!!


Ya this doesn't help those that want/need to search email from spotlight


SECONDLY, I don't think this even fixes that. All it means is it wont show up in search the fact it shows up in search after a COMPLETE deletion shows that it's holding onto it somewhere deep in memory. So taking that off doesn't fix that issue either.
post #25 of 41
Surely this isn't an issue if you use IMAP?
post #26 of 41
Since info conflicts with a Danial Eran Dilger article. Which is odd since he also writes for AI as aka Prince McLean.

http://www.roughlydrafted.com/2009/0...-3-0-mail-bug/
post #27 of 41
Quote:
Originally Posted by chronster View Post

If there's no restore function for old files then why didn't they program the phone to actually delete the file? Something's stinky here. Like they made it so if it's needed, the GOVERNMENT could pull up all your activity on the phone and analyze your behavior!

THE GOVERNMENT MAN!


time for your meds man.

it's likely a glitch in the spotlight feature such that it's not redoing the spotlight index when the trash is removed to ignore the old records of those messages. and yes i'm sure Apple is aware and working on it.

A non tech's thoughts on Apple stuff 

(She's family so I'm a little biased)

Reply

A non tech's thoughts on Apple stuff 

(She's family so I'm a little biased)

Reply
post #28 of 41
Weird. I can't reproduce this at all. Tried with two different POP accounts.

iPhone 3G OS 3.0.1.
post #29 of 41
First of all this does not pose a major security threat. Most corporations you work for keep copies of every email you receive or send. On Windows machines when you delete a file or message even though you can't see it anymore its still there. I don't hear any of you calling either of these situations a major flaw.

If you have a corporate email account with the company you work all of your emails are subject to inspection, you have no right to privacy from your employer so what difference does this make in the big picture? Apple will issue a fix and then all will be good. However your emails can still be read by your employer even if the company does not pay for your phone.

We use exchange and the email is gone for good if you delete it off the server. I could not replicate this issue on my iPhone with my exchange email address or my .mac account. Maybe this is something that only impacts some people and not others.

Still no one, at least so far has presented a viable case explaining why this is major security flaw. Apple Insider should have questioned why this is a major security flaw.
post #30 of 41
Quote:
Originally Posted by jsandresen1 View Post

Still no one, at least so far has presented a viable case explaining why this is major security flaw. Apple Insider should have questioned why this is a major security flaw.

Well, I'm not sure I think it's, "a major security flaw," and I certainly wouldn't classify it as "disastrous", but here's a couple of scenarios where it could lead to unpleasant consequences:

1. You live or are traveling in an area with severe blasphemy laws. You're iPhone is "searched" at, for example, an airport and a message someone (perhaps even a spammer) sent you with a subject line critical of the locally revered deity is found, despite the fact that you deleted the message and emptied your trash. You are hauled away and punished according to the local custom for such things.

2. You live or are traveling in an area where sodomy (a term which can cover a number of different acts engaged in by members of the same or opposite gender) is illegal. Your phone is found to contain a message indicating that you have engaged in an act of sodomy with a local resident. You are both hauled away and punished according to the local custom.
post #31 of 41
Quote:
Originally Posted by AppleInsider View Post


"As far as I can tell, there is no way to completely delete emails from iPhone OS 3.0, which isn't just strange, it's a disastrous security flaw," John Herrman writes for Gizmodo.

snip


always consider the source... could it be more shrill?
post #32 of 41
Is this a bug despite the feature that allows for deleted messages to remain on the device based on your account settings. Settings / Mail, Contacts, Calendars / (Select an Account) / Advanced / Deleted Messages: Remove / Then pick how long deleted messages stay on the device. This setting must apply to messages that have been deleted from the InBox AND the Trash.

Try changing the setting to "One Day" and search for the deleted email in 25 hours.
post #33 of 41
Quote:
Originally Posted by Mrnizegy View Post

Is this a bug despite the feature that allows for deleted messages to remain on the device based on your account settings. Settings / Mail, Contacts, Calendars / (Select an Account) / Advanced / Deleted Messages: Remove / Then pick how long deleted messages stay on the device. This setting must apply to messages that have been deleted from the InBox AND the Trash.

Try changing the setting to "One Day" and search for the deleted email in 25 hours.

I think it's just the new low in reporting... repeating what other people said without actually checking if the problem can be remedied in the "Settings". Actually, it's possible to set it to delete it immediately in the settings... how moronic can they reporters get?

And they say this is a security loophole how? Well, the user can change the settings.. they apparently think that everyone that cares about security leaves it on the default configuration, just like how you would leave a wireless network with the "default" network name and no password and think it's secure..
post #34 of 41
Quote:
Originally Posted by Mrnizegy View Post

Is this a bug despite the feature that allows for deleted messages to remain on the device based on your account settings. Settings / Mail, Contacts, Calendars / (Select an Account) / Advanced / Deleted Messages: Remove / Then pick how long deleted messages stay on the device. This setting must apply to messages that have been deleted from the InBox AND the Trash.

Try changing the setting to "One Day" and search for the deleted email in 25 hours.

Quote:
Originally Posted by bartfat View Post

I think it's just the new low in reporting... repeating what other people said without actually checking if the problem can be remedied in the "Settings". Actually, it's possible to set it to delete it immediately in the settings... how moronic can they reporters get?

And they say this is a security loophole how? Well, the user can change the settings.. they apparently think that everyone that cares about security leaves it on the default configuration, just like how you would leave a wireless network with the "default" network name and no password and think it's secure..

HAHAHA! Yes, it's so funny, isn't it?!

Oh, but wait, no, it doesn't have anything to do with what you are saying. Have a nice day!
post #35 of 41
Quote:
Originally Posted by Mrnizegy View Post

Is this a bug despite the feature that allows for deleted messages to remain on the device based on your account settings. Settings / Mail, Contacts, Calendars / (Select an Account) / Advanced / Deleted Messages: Remove / Then pick how long deleted messages stay on the device. This setting must apply to messages that have been deleted from the InBox AND the Trash. Try changing the setting to "One Day" and search for the deleted email in 25 hours.

Quote:
Originally Posted by bartfat View Post

I think it's just the new low in reporting... repeating what other people said without actually checking if the problem can be remedied in the "Settings". Actually, it's possible to set it to delete it immediately in the settings... how moronic can they reporters get?... And they say this is a security loophole how? Well, the user can change the settings.. they apparently think that everyone that cares about security leaves it on the default configuration, just like how you would leave a wireless network with the "default" network name and no password and think it's secure..

Seriously, if you're gonna comment at all, could you at least read the article and the thread above you before you do?
In Windows, a window can be a document, it can be an application, or it can be a window that contains other documents or applications. Theres just no consistency. Its just a big grab bag of monkey...
Reply
In Windows, a window can be a document, it can be an application, or it can be a window that contains other documents or applications. Theres just no consistency. Its just a big grab bag of monkey...
Reply
post #36 of 41
Quote:
Originally Posted by jsandresen1 View Post

Still no one, at least so far has presented a viable case explaining why this is major security flaw. Apple Insider should have questioned why this is a major security flaw.

How about confidential company data being distributed by email. It is 'deleted', then the iphone is lost or stolen. Being a mobile device, misplacement of the device is far more likely than the possibility of the same happening to, say, a desktop computer.

We've already seen that the pin protection is useless with the right tools, and you can turn flight mode on trivially so all of a sudden some one could have access to a sandboxed iphone with 'deleted' corporate data.
post #37 of 41
Many POP email readers on computers work like this by design, Thunderbird for example and several others (not sure about Apple Mail on the Mac). When you "delete" an email from your inbox or wherever it doesn't actually move it to the trash folder (i.e. copy and to the trash and delete it from the inbox) as you might expect, it simply flags it as invisible (to the email app) in the inbox folder and copies it to the trash folder. Even after you empty the trash the original email is left behind in the inbox, but you don't see it because it's flagged as invisible. Every now and then (as determined by preferences settings) the email app either automatically, or by user command, does a compact folders (sometimes called compression) operation - this goes through all your email folders and deletes any old emails that have been marked as invisible. Really deletes them. And gives you back some free disk space in return, hence the name of the command.

They work like this because... well it seems mostly because back in the day the overhead of deleting emails immediately might have impacted response time for the users too much so physical deletion was hived off onto a sort of background task that only ran when really necessary. And well, "it's Unix dude, that's how it's done". I've used this behaviour to recover important emails I mistakenly emptied from the trash several times over the years (you can simply edit the inbox folder and see the supposedly deleted mails there).

I don't know if this is the explanation for the iPhone's failure to really delete POP mail messages, but it wouldn't surprise me (you need a way to invoke the compact folders command either automatically or manually for the scheme to work and I've never seen anything in the iPhone's mail settings like it). It's also something more people should be aware of with their desktop/laptop email programs. You might be surprised how many old emails are kicking around in your POP mailboxes on your hard drive.
post #38 of 41
Quote:
Originally Posted by djsherly View Post

How about confidential company data being distributed by email. It is 'deleted', then the iphone is lost or stolen. Being a mobile device, misplacement of the device is far more likely than the possibility of the same happening to, say, a desktop computer.

We've already seen that the pin protection is useless with the right tools, and you can turn flight mode on trivially so all of a sudden some one could have access to a sandboxed iphone with 'deleted' corporate data.

The bug is that the Spotlight database is not informed immediately that an e-mail has been deleted and does not remove the records related to it. It's not a bug in that sense; it's a matter of not considering all the ramifications of Spotlight. Even if the entire email table is securely erased, if another program has copied the data, there's no overall effect.

The fix is that Spotlight must be notified when an email is deleted.

For the advanced readers, this problem also exists in OS X Leopard.
post #39 of 41
Quote:
Originally Posted by dshan View Post

Many POP email readers on computers work like this by design ... It's also something more people should be aware of with their desktop/laptop email programs. You might be surprised how many old emails are kicking around in your POP mailboxes on your hard drive.

I would ask whether an end-user should really be required to know these things. Of course, this is not a slight at Apple or any one who writes a POP client but really, when a user deletes an item, unless it is clear it is being moved to trash then it is reasonable to expect that the messages is actually deleted.
post #40 of 41
Quote:
Originally Posted by AppleInsider View Post

The act of deleting an e-mail within iPhone OS 3.0 isn't enough to destroy its contents, and Apple is reportedly aware of the flaw and could be working on a fix.

Citing a source within Apple, Gizmodo stated that the fix will likely come in iPhone OS 3.1 for the iPhone and iPod touch. The problem, first discovered by Cult of Mac, happens when a user attempts to delete an e-mail. Even after emptying the Mail application's trash, the message -- and all of its contents -- are still accessible through the phone's Spotlight search feature.

To test the flaw, delete a message within the iPhone's Mail software. Remove it from the trash, and check your mail server to ensure it's erased. Then, search for the subject line of the message in Spotlight, where, in many cases, the entire message can still be read.

While some reports allege both IMAP and POP accounts are affected, a number of AppleInsider readers have commented that IMAP accounts are in fact not vulnerable to the Spotlight bug.

"As far as I can tell, there is no way to completely delete emails from iPhone OS 3.0, which isn't just strange, it's a disastrous security flaw," John Herrman writes for Gizmodo.

The site's internal tipster doesn't give any certainty, though, only saying Apple will "probably" include a fix in the upcoming iPhone OS update.

Matt Janssen created a video to demonstrate the security flaw. In it, he said that he has been able to find e-mails that are "over three or four months old." He shows off the bug on a second-generation iPod touch using software 3.0, and pulls up a message he deleted from June. When opening the mail through Spotlight, Mail crashes at first, but after opening a second time, the message can be opened in the mail inbox as message "1 of 0."

"These messages are still on the iPod somewhere, even after you delete them, but you can't find them without searching for them," Janssen said. "Like I said, this is a security issue, a bug, and hopefully Apple will fix it in some later releases."

Spotlight search is a new feature of the latest iPhone software, released in June. It offers global search capabilities, which enable users to quickly find apps, notes, e-mails, calendar events, contacts, music and other media files.


Story about this was first reported by iPhoneinCanada.ca on August 16th, a day before Cult of Mac.

http://www.iphoneincanada.ca/tips-tr...tlight-search/
New Posts  All Forums:Forum Nav:
  Return Home
  Back to Forum: iPhone
AppleInsider › Forums › Mobile › iPhone › Apple aware of iPhone OS 3.0 e-mail security bug