Cable Forum - View Single Post - Apple turn iPhone security issue into 'Nothing to see here move along'

BenMcr · 16-09-2009, 10:15

http://news.cnet.com/8301-13579_3-10354209-37.html

So this issue originally was:

iPhone OS 3.0 did not identify itself properly to Exchange 2007 on any iPhone. This means that if you had a 3G and Exchange 2007 was configured to require hardware encryption, you could still login, even though the device does not have hardware encryption.

Apple's response to the fact that all previous iPhones were essentially breaking the security of any company using them:

"iPhone OS 3.1 is working properly with Exchange Server 2007," Apple representative Natalie Harrison told CNET News. "We added device encryption information to the data that can be managed by IT administrators using Exchange Server 2007. The policy of whether to support iPhone 3G, in addition to iPhone 3GS, which always has on-device encryption, on Exchange Server 2007 is set by the administrator and can be changed at any time."

The only way to continue to use the older iPhones - which were sold with 'Exchange support' - is to turn off the hardware encryption rule for those devices.

I'm pretty sure if this was any other company then people would be down on them like a ton of bricks

16-09-2009, 10:15	#1
BenMcr Virgin Media Staff Join Date: Nov 2006 Location: Manchester Services: 360 x2, Maxit TV, Sky Sports and Sky Cinema. Gig1 Posts: 17,929	Apple turn iPhone security issue into 'Nothing to see here move along' http://news.cnet.com/8301-13579_3-10354209-37.html So this issue originally was: iPhone OS 3.0 did not identify itself properly to Exchange 2007 on any iPhone. This means that if you had a 3G and Exchange 2007 was configured to require hardware encryption, you could still login, even though the device does not have hardware encryption. Apple's response to the fact that all previous iPhones were essentially breaking the security of any company using them: "iPhone OS 3.1 is working properly with Exchange Server 2007," Apple representative Natalie Harrison told CNET News. "We added device encryption information to the data that can be managed by IT administrators using Exchange Server 2007. The policy of whether to support iPhone 3G, in addition to iPhone 3GS, which always has on-device encryption, on Exchange Server 2007 is set by the administrator and can be changed at any time." The only way to continue to use the older iPhones - which were sold with 'Exchange support' - is to turn off the hardware encryption rule for those devices. I'm pretty sure if this was any other company then people would be down on them like a ton of bricks