iOS 7 Security Flaw Leaves Stored Email Attachments Unencrypted [Updated]
Apple states that it uses data encryption to protect email message attachments, but a report from security researcher Andreas Kurtz, via ZDNet, claims iOS 7.0.4 and later does not include this security feature.
Kurtz detected this flaw in iOS by accessing the file system on an iPhone 4 running iOS 7.1 and 7.1.1. Browsing through the email folder for an IMAP account, Kurtz discovered that the email attachments were stored in an unencrypted state. Besides the iPhone 4, Kurtz also was able to reproduce this vulnerability on an iPhone 5s and an iPad 2 running iOS 7.0.4.
I verified this issue by restoring an iPhone 4 (GSM) device to the most recent iOS versions (7.1 and 7.1.1) and setting up an IMAP email account1, which provided me with some test emails and attachments. Afterwards, I shut down the device and accessed the file system using well-known techniques (DFU mode, custom ramdisk, SSH over usbmux). Finally, I mounted the iOS data partition and navigated to the actual email folder. Within this folder, I found all attachments accessible without any encryption/restriction
Kurtz reported this issue to Apple, which acknowledged the flaw, but provided no timetable for patching it. This isn't the first security issue Apple has faced this year. The company recently patched a serious SSL connection verification flaw in both iOS and OS X that allowed an attacker with a "privileged network position" to capture data protected by SSL/TLS.
Update 3:11 PM PT: In a statement given to iMore, an Apple spokesperson said the company is working on a fix for the issue.
"We're aware of the issue," an Apple spokeswoman told iMore, "and are working on a fix which we will deliver in a future software update."