According to the Huff Post, Sam Biddle, writer of the popular tech site Gizmodo spoke about a major security and privacy issue from his own point of view in a post titled “The Apple Bug That Let Us Spy On A Total’s Stranger’s iPhone.”
The “bug” means a hole in iOS 5 that potentially allows strangers, thieves, stalkers and oblivious buyers of stolen iPhones to see user’s mail that a certain iPhone owner sends over iMessage app.
Moreover, the writer provided a real-life story of how this works: a friend of Biddle’s took her son’s iPhone into an Apple store for a mundane repair.
After Apple’s Genius Bar had finished his work on the iPhone, the employee inserted his own SIM card into the phone to check whether his repairs had worked.
Having made sure that the device was working, he removed his SIM card and replaced the son’s SIM card into the slot, returning the iPhone to the family as good as new.
After these manipulations the son was able to see every iMessage that this Apple store Genius was both sending and receiving.
Everything the Apple store employee, who Biddle identifies only as Wiz, was sending on his own iPhone was being duplicated on the son’s iPhone.
Wiz had no idea that the details of his private life were being broadcast to the high school student whose iPhone he had fixed days prior in the Apple store where he worked.
So, Biddle summered up the story, saying “Now we see just how big of a deal this obscure “bug” is: Your entire personal life could be flung open, and you’d never know.”
Apple responded to the accustions in a statement to Jim Dalrymple, an Apple watcher who writes for The Loop, explaining that the employee simply “didn’t follow protocol.”
“This was an extremely rare situation that occurred when a retail employee did not follow the correct service procedure and used their personal SIM to help a customer who did not have a working SIM,” Apple representative Natalie Harrison told The Loop. “This resulted in a temporary situation that has since been resolved by the employee.”
Dalrymple also called the situation in which the customer received all the mail of employee’s iMessages a “perfect storm” with three easy fixes.
Tech Ccrunch reports: “Remote Wipe and then call your carrier/de-active your SIM (de-register must be within 24 hours after Remote Wipe) or Activate a replacement phone with a replacement SIM using your same phone number or Change your Apple ID password (only works if you use an Apple ID with iMessage).”
However, Gizmodo isn’t satisfied with this response. This still does not address what happens to iPhone owners with stolen phones, or iMessage users who aren’t aware that their SIM card has been placed in a different phone.
With the upcoming iOS 5.1 having entered Beta testing, we’ll have to see if Apple’s developers are able to resolve the great iMessage kerfuffle of 2012 and come up with a more satisfactory solution to what, for many, remains a dangerous, too-shadowy facet of an otherwise beloved, cash-saving iPhone feature, says the Huff Post.