Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

@tmpajk How does it make Mailbox more secure. Let's talk about the scenario where you have access to an iPhone for few minutes. In one case, you can go through some contents, in another case you can copy all emails and contacts. My whole point is files or attachments on information on every app that has sensitive information should be protected. There are various ways to do it on iOS! One can use keychain to store some secret key and protect these files using that secret key.


The risk is that people assume their email is secure because the email storage on the iPhone is secure.


Where is the key kept then? One possibility, the user has to know it, at which point we're back to the fact that users dont seem to want a password for their email app (again, happy to see an interesting post on the generalities of email app security). The other approach is to store it somewhere on the phone, at which point connecting the phone to a computer as you describe is still an attack vector; you just need to find the key.

Of course, I am not highly versed in security, so if there's another option I'm interested to hear it.


One can keep a secret key anywhere other than Document or Library directory of such apps. One of the obvious place will be device keychain.




Consider applying for YC's Fall 2025 batch! Applications are open till Aug 4

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: