What happens when a nominally secure email system turns out to be less secure than expected? That’s what Apple is currently remedying with a new fix to address security concerns with Apple Mail. At The Verge, Jay Peters has the details, noting that this is a blow for a company that has long touted its sterling reputation when it comes to privacy and security.
Peters does point out that this issue is something that won’t affect the vast majority of users:
You need to be using macOS, Apple Mail, be sending encrypted emails from Apple Mail, not be using FileVault to encrypt your entire system already, and know exactly where in Apple’s system files to be looking for this information. If you were a hacker, you’d need access to those system files, too.
Even so, it’s an unnerving development for Apple, given their reputation.
According to The Verge, this vulnerability was first uncovered by an IT specialist named Bob Gendler, who shared his findings on Medium. As Peters writes, Gendler brought this to Apple’s attention earlier this year. “Gendler first reported the issue to Apple on July 29th,” Peters writes, “and he says the company didn’t even offer him a temporary solve until November 5th — 99 days later — despite repeated conversations with Apple about the issue.”
Apple told The Verge that a future update will fix this security issue — but it remains an unsettling issue for those with concerns over privacy. Thankfully, Peters’s article also offers tips for addressing the security issue above and beyond seeing if you’re affected by it.
Subscribe here for our free daily newsletter.
Thanks for reading InsideHook. Sign up for our daily newsletter and be in the know.
