You are using an outdated browser. Please upgrade your browser to improve your experience.
Claim: Apple Isn’t Encrypting Email Attachments In iOS

Claim: Apple Isn’t Encrypting Email Attachments In iOS

by Bryan M. Wolfe
May 5, 2014
Apple says it provides “an additional layer of protection for your email messages attachments, and third-party applications.” This isn’t true, according to security researcher Andreas Kurtz. In iOS 7, iOS 7.0.4, iOS 7.1, and iOS 7.1.1, Kurtz found that email attachments are not encrypted. He also found that the protected data feature in iOS 7 doesn’t work with those same attachments, although it does with other functions. He notes:
I verified this issue by restoring an iPhone 4 (GSM) device to the most recent iOS versions (7.1 and 7.1.1) and setting up an IMAP email account1, which provided me with some test emails and attachments. Afterwards, I shut down the device and accessed the file system using well-known techniques (DFU mode, custom ramdisk, SSH over usbmux). Finally, I mounted the iOS data partition and navigated to the actual email folder. Within this folder, I found all attachments accessible without any encryption/restriction:
Kurtz says that Apple is aware of these issues and has promised a fix. I have no doubt Apple will fix this issue promptly. Still, shouldn't this type of issue have been resolved many years ago? Via: 9to5Mac

Related articles

Swatch Doesn’t Want Apple’s Wearable Device To Be Called The ‘iWatch’
Swatch Doesn’t Want Apple’s Wearable Device To Be Called The ‘iWatch’
The AppAdvice Week In Review: Apple's Victory Over Samsung, WWDC And More
The AppAdvice Week In Review: Apple's Victory Over Samsung, WWDC And More
Nothing found :(
Try something else