iPhone security flaw brings dead email to life

Status
Not open for further replies.

Justin

Posts: 914   +0

If you've used a computer for any length of time, you should understand that merely deleting a file is insufficient to truly erase its existence. You might imagine a different story from a phone – you delete an email and expect it to be gone. As phones evolve into miniature PCs, however, data retention may become an issue. Thus it was interesting to read about a recently discovered flaw present on the iPhone, where it seems that even after you delete an email message it can be easily retrieved so long as you know the subject line.

In a short video, one man has demonstrated how easy it is to pull back up a deleted email on Apple’s smartphone. It wasn't only affecting recent messages, either, but is effective even at pulling up emails deleted months prior. Flaw? Feature? You could easily swing both ways on this one. Sometimes people need to retrieve a deleted message; most others they want trashed data to remain that way.

There are certainly potential security concerns here that go far beyond simply being embarrassed. Should you need to ship your iPhone in for repair, you may be inclined to delete emails with any sensitive information on them first. Or, if you end up needing to recycle an old one, you don't want to risk the chance that someone can rifle through the trash and pull up old emails. What's your take – is this paranoia or a legitimate concern?

Permalink to story.

 
This is one of the issues that was discovered in the Watergate scandal -- deleted email was not 'erased' but only freed and disconnected from the email reader.
There are two forms of client email readers:
1) the inbox is a single file with all the messages stacked one upon the other and
2) where the inbox is a folder and each message is in its own file.​
When we compress our inboxes for (1), the messages in the middle get erase by moving those at the bottom up and removing those deleted.
The old messages at the bottom however just join the HD freespace and could be recovered.
Deleting from (2) is the same as any other 'file delete'... you can't find or see it, but it has joined the freespace per the above.
Anyone using Domain environment with Exchange server has the bigger issue that the server has a copy AND --- the admin will be taking backups.
Ergo: We've all lost privacy.
 
Well, these phones etc are really micro-computers, no doubt. iPhone software is based on OS X. So, the deleting stuff not actually deleting stuff is going to follow the same (or at least similar) paradigm!
And, we have evidently been warned!
 
The iPhone indexes the data on the iPhone which includes bookmarks, apps, email, SMS, address book, etc. This index is used at the search screen to allow for fast searching. The problem is that when you delete an email it isn't removed from the search index.
 
This so called 'flaw' has already been discussed numerous times on other sites. It's no bug, when you delete a file in your inbox it automatically moves it to the trash bin, just like e.g. hotmail. The only thing the iphone search function does, is point to the file in the trash, when you empty your trash, it's simply gone, there's nothing to be found with search and no bug!!

imho some people just do anything and believe anything to create some earth shattering story, when there's really nothing there at all.
 
Guest said:
This so called 'flaw' has already been discussed numerous times on other sites. It's no bug, when you delete a file in your inbox it automatically moves it to the trash bin, just like e.g. hotmail. The only thing the iphone search function does, is point to the file in the trash, when you empty your trash, it's simply gone, there's nothing to be found with search and no bug!!
Sorry but you did not look at the video. The content of the message deleted was viewable. It had been deleted from trash. Search found the message that was supposedly deleted and he could use it to open the content. THAT is a bug. Search found the indexes that were in the inbox and trash.
 
hellokitty[hk] said:
Free memory ftw?
Yes definitely! And updating your search index tables would be handy too! (Or at least verifying the search returns indexes of valid items).
 
Status
Not open for further replies.
Back