Security expert claims Apple was notified of the flaws months ago

Oct 3, 2008 08:02 GMT

Security researcher Aviv Raff has recently gone public with a few flaws he discovered in the iPhone OS a couple of months ago. Although Apple was notified of the flaws at the time, the company has yet to issue a patch. Since being notified of the vulnerabilities, Apple has released as many as three firmware updates for the iPhone, none of which addresses any of them.

Raff notes that the iPhone's Mail application can easily be targeted by spammers because it downloads images automatically, without asking for the user's consent. “The iPhone's Mail application downloads all images automatically, and there is NO WAY to disable this feature!” Raff warns.

As a result, when an image in a message refers back to a server-side script, downloading it tells the sender that the e-mail was opened at a valid address, exposing that address to the risk of more spam. “If the images were downloaded automatically, the spammer who controls the remote server will know that you have read the message, and will mark your mail account as active, in order to send you more spam,” says Raff.

As far as phishing vulnerabilities go, the iPhone has hit another home run, the researcher claims. As many of you should know, the iPhone's Mail application can be used to view both HTML and plain text mail messages. In an HTML e-mail, the visible text of a link can show a different URL than the one the link actually points to. By hovering over the link, users normally get a tooltip that shows them the actual URL they are about to click. However, as Raff puts it, “in iPhone it's a bit different.”

Besides the user having to press the link for a longer period of time, long URLs are automatically cut off in the middle because of the iPhone's small screen. “The problem here is that an attacker can set a long subdomain (~24 characters) that, when cut off in the middle, will look as if it's a trusted domain,” the researcher believes, offering a screenshot as an example.
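Both issues described above can be checked on the receiving side before a message is displayed. The following Python example is added here and is not code from Raff or Apple: it lists remote images whose download would reveal that the mail was opened, and flags links whose visible text names a different domain or whose subdomain embeds a domain-like name. The `TLD_LIKE` list, the two-label `base_domain` shortcut, and every host in `SAMPLE` are assumptions constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

TLD_LIKE = {"com", "net", "org"}  # assumed short list, for illustration only

def base_domain(host):  # simplification: last two labels, not the Public Suffix List
    return ".".join(host.split(".")[-2:])

def host_of(value):
    return (urlsplit(value if "//" in value else "//" + value).hostname or "").lower()

def link_reasons(text, href):
    host, reasons = host_of(href), []
    # Visible text that is itself a URL but names a different domain than the target.
    if " " not in text and "." in text and base_domain(host_of(text)) != base_domain(host):
        reasons.append("text-mismatch")
    # Subdomain labels that imitate a full domain, e.g. brand.com.<real domain>.
    if TLD_LIKE & set(host.split(".")[:-2]):
        reasons.append("embedded-domain")
    return reasons

class MailAudit(HTMLParser):
    def __init__(self):
        super().__init__()
        self.remote_images, self.suspect_links = [], []
        self._href, self._text = None, []
    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "img" and urlsplit(a.get("src") or "").scheme in ("http", "https"):
            self.remote_images.append(a["src"])  # fetching it reveals the open
        elif tag == "a" and a.get("href"):
            self._href, self._text = a["href"], []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            reasons = link_reasons("".join(self._text).strip(), self._href)
            if reasons:
                self.suspect_links.append((self._href, reasons))
            self._href = None

def audit(html):
    parser = MailAudit()
    parser.feed(html)
    return parser.remote_images, parser.suspect_links

# Constructed sample message body; all hosts use reserved example/test names.
SAMPLE = ('<img src="http://tracker.test/open.php?id=42"><a href='
          '"http://www.example.com.login.session.attacker.test/">www.example.com</a>')
```

A mail client or gateway could use the first list to block image loading by default and the second to show the real domain next to the link.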

"I think they put their own users at much more risk by not fixing this," Raff adds. "At least now the users who read this will know to be careful. It's only a matter of time until the bad guys will find this anyway," the security expert concludes by saying.

Since there's no workaround for these flaws for the time being, Raff advises users to avoid using the Mail app until Apple issues a fix.
