iPhone Design Flaws: Poses security problems

A researcher revealed that Apple iPhone has two design flaws that could pose potential security problems. The first one concerns the iPhone's e-mail application, which automatically downloads images within an e-mail, said Aviv Raff, a security researcher, on Thursday. That's problematic because the image will refer back to a server-side script when it is downloaded, […]

A researcher revealed that Apple iPhone has two design flaws that could pose potential security problems. The first one concerns the iPhone's e-mail application, which automatically downloads images within an e-mail, said Aviv Raff, a security researcher, on Thursday.

That's problematic because the image will refer back to a server-side script when it is downloaded, indicating to the sender that the e-mail has been opened and the e-mail address is valid. The address can then be spammed. E-mail applications usually are configured to block images from untrusted sources to prevent the problem, Raff said. He suggests that users avoid using the e-mail application or be careful when clicking on links in an e-mail that comes from an untrusted source.

The second design flaw is how the iPhone's e-mail application displays URLs. Messages can be shown in plain text or HTML. When in HTML mode, a user can get an e-mail where the text of the link is different than the actual link. The true link can be displayed by hovering over the text, and a pop-up window reveals the URL. But the problem is the pop-up window truncates the URL since there isn't enough space on the screen.

Full Article