Become a fan of Slashdot on Facebook

 



Forgot your password?
typodupeerror

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).

×
Security

+ - iPhone exposes emails in plaintext for Yahoo users 1

Submitted by
holdenkarau
holdenkarau writes "You may remember the recent Slashdot article about Yahoo! Zimbra Desktop exposing usernames & passwords. It turns out that more than just Yahoo! Zimbra Desktop is affected, although to a lesser degree. With Yahoo!'s desktop program, it transmitted the usernames & passwords in plaintext. Yahoo! is one of the lucky few default e-mail providers on the iPhone; sadly it looks like Apple didn't insist on encryption from Yahoo! On the iPhone, authentication is encrypted, but you can see all the messages sent and received in plaintext. Incoming messages are downloaded in plaintext over the standard imap port. Outgoing mail is a bit harder to find, it is apparently sent by an HTTP post request wrapped up inside a bundle of XML, but security through obscurity isn't very effective. If you have Yahoo! mail on your iPhone (and since its one of the default accounts, I'm assuming quite a few do), you might want to look at forwarding it somewhere else for the time being, and using that account instead."
This discussion was created for logged-in users only, but now has been archived. No new comments can be posted.

iPhone exposes emails in plaintext for Yahoo users

Comments Filter:

Yes, we will be going to OSI, Mars, and Pluto, but not necessarily in that order. -- Jeffrey Honig

Working...