A few weeks ago it was discovered that e-mail attachments supported within MobileMail.app in iOS7 are not adequately protected by the data protection mechanisms in Apple devices.
Long time ego during the reign of the iPhone 3G also hard discussed was the lack of data security. Then it turned out that after resetting, the old data can still be recovered and more with quite a small amount of work. Of course, both then and now, is contrary to the assumptions of data protection as the appropriate publication of Apple reads:
" Provides an additional layer of protection for ( ..) e-mail messages attachments ."
To verify the existence of this error just get to the device using well-known techniques using DFU mode, custom ramdisk and SSH via usbmux. Then simply mount the data partition only as iOS and go to the folder that contains the e-mails, there you will find attachments to them. Anyone can now indignant and say that this is small gap and that we always have a phone with us. And what do you say when that data will be available even after formatting the device as soon as I re- add a email address. Interesting is also the fact that they are totally unencrypted data:
# Mount_hfs / dev/disk0s1s2 / mnt2
# Cd / mnt2/mobile/Library/Mail
# XXD IMAP-MY_MAILADDRESS/INBOX.imapmbox/Attachments/4/2/my_file.pdf
0000000 : . 2550 4446 2D31 2e34 0a25 81e2 81e3 81cf % PDF - 1.4 % ......
0000010 : 81d3 5c72 0a31 0a3c 2030 206F 626a 3c0a .. \ R1 0 vol . << .
0000020 : 2f43 7265 696f 6e44 6174 6174 6520 2844 / CreationDate (D
0000030 : 3a32 3031 3330 3830 3532 3034 3830 3329 : 20130805204803 )
0000040 : 0a2f 4d6f 6444 6174 6520 2844 3a32 3031 / moddate (D: . 201
0000050 : . 3330 3830 3532 3034 3830 3329 5469 3080 0a2f 5204803 ) / Ti
0000060 : 746C 6520 2852 2047 7261 7068 6963 7320 TLE ( R Graphics
0000070 : 4f75 7470 290a 2f50 7574 726f 6475 6365 Output ) / products.
0000080 : . 7220 2852 2033 2e30 2e31 2f43 7265 290a (R 3.0.1 ) / Cre
0000090 : . . 6174 2028 5229 6f72 0a3e 3e0a 656e 646f ator ( R ) >> endo
To verify that actually protect data on the device is active , you may be tempted to gain access to protected file index ( database of e- mail ). As expected, the access to this file is not allowed.
# Xxd Protected \ Index
xxd : Protected Index: Operation not permitted
The problem has been reported to Apple and they replied that they are aware of the problem but can not give any date when a fix for this bug will be released. It is worth knowing that almost all major types of mail handling POP , IMAP, and ActiveSync are vulnerable.