Full Disclosure mailing list archives
Re: Another Apple Security Failure (Apple Mail on the iPhone)....
From: Caspian Kilkelly <caspian () random-interrupt org>
Date: Fri, 15 Nov 2013 00:23:33 -0500
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 What version of IOS was this? I'm looking into something similar on other apple platforms, but it doesn't seem consistently repeatable. On 13-11-11 6:41 PM, Jeffrey Walton wrote:
My iPhone does not store sensitive information. Its a phone an music player only. (I'm not sure it could save sensitive information if I needed it, as the following demonstrates). About 6 weeks ago, a colleague was having trouble adding an email account to his iPhone and sending email. I allowed him to add his account to my iPhone for testing. After testing, we deleted the account. My colleague was having trouble with Apple iPhone mail again this week. This time, I added my account to the phone. I used my account because he's remote and I don't want his password. Note: we use the same incoming and outgoing email servers. After running the setup wizard, my outgoing server was populated with his email credentials - both username and password. So much for deleting that username and password about 6 weeks ago. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
- -- Caspian Kilkelly CISSP/CSM +1.514.577.6311 -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.18 (Darwin) Comment: GPGTools - http://gpgtools.org Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQEcBAEBAgAGBQJSha/VAAoJEFQr1oY0cT5NJd4IAJqPrfCUCQUjPd+QipbFo5/H ErUHM6kQe8A84tSvl88+lbGk5sCzJi7QVLodWk8RZgssrAOnORvBOreNwFU+UVwt Twnm7KfmMPsSVV/36WtflE69u098Rs+dIRCKqGo9IYKyTBVI7e8bzdYr5DAniW+Z 8iF5eYZX/YwnYTFQgo31eSzzMKInZ1TNEPmj1jaD0qdRge95yJOzeG8lWSQqZAB8 LFlPzKexAp+ESrZwmQjegP9GjtD1caL5FvGq1nlmWCmFAtPe9tQpIiefw+mvK2Fc cNO/XgxFofn+2wCzncKpSMQAuifqhSlSOXFi0G7cb9Wiop52XTkmMmV7L2NXpCo= =YzRt -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Another Apple Security Failure (Apple Mail on the iPhone).... Jeffrey Walton (Nov 11)
- Re: Another Apple Security Failure (Apple Mail on the iPhone).... Caspian Kilkelly (Nov 14)
- Re: Another Apple Security Failure (Apple Mail on the iPhone).... Jeffrey Walton (Nov 14)
- Re: Another Apple Security Failure (Apple Mail on the iPhone).... Caspian Kilkelly (Nov 14)