Despite Apple’s claims that email attachments are safely locked away with data encryption in iOS 7, a new report has found that all your email attachments have been vulnerable and unencrypted for months.

After noticing that something was wrong with iOS 7.1 email attachments, Andreas Kurtz discovered that his email attachments could be accessed without having to get past encryption keys.

Accessing the files required physical access to the device, but Kurtz was able to quickly open email attachments on a mounted iOS data partition. Hacking into the attachments also requires attackers to know your iPhone passcode, or jailbreak the device, so it’s unlikely that you’d be targeted unless you have some highly sensitive information in your email attachments.

Apple is aware of the issue, but has yet to fix the hole. Kutz says he was able to recreate the issue on an iPad 2 and iPhone 5s, both running iOS 7.0.4.

We’ve reached out to Apple for comment on a pending fix and will update you once we hear more.

Update: Apple emailed Cult of Mac the following statement regarding the bug:

“We’re aware of the issue and are working on a fix which we will deliver in a future software update.”



Via: ZDnet