X

iPhone OS 3.0 Mail security issue fixed in OS 3.1

iPhone OS 3.0 has a bug in the Mail app that may allow you to retrieve and view deleted messages on your iPhone or iPod Touch.

David Martin
David Martin has more than 20 years of experience in the industry as a programmer, systems and business analyst, author, and consultant.
David Martin

A video posted recently on YouTube demonstrates, on an iPod Touch, a potential security risk for users of iPhone OS 3.0. The bug allows e-mails that have already deleted to be viewed by searching for the title of the deleted message.

Credit: Matt Janssen

The results of the search display two copies of the message. Selecting either one of these the first time will cause Mail to crash. The second time you select the messages, the iPhone may display the original message or you may get a warning that states: "Message cannot be displayed because of the way it is formatted." You should note that the message is displayed in Mail as "1 of 0" and it is "partially downloaded." The download button used to retrieve the remainder of the message doesn't work.

Fortunately, one developer said this problem appears to have been resolved in iPhone OS 3.1 beta 3, since the developer was not able to recreate the bug after upgrading.

Update 08/19/09 at 8:19 PM PDT: The iPhone OS bug described in this post does not affect IMAP e-mail accounts, but it does affect POP e-mail accounts.