The iPhone is no stranger to gaping security flaws, but this one’s a doozy: You know how when you delete emails, you expect them to be, well, deleted? On iPhone 3.0, that’s just not how things work. This is bad.
You can watch the whole insincere deletion process play out above, but here’s a handy guide so you can follow along at home. Turn off your device radio and Wi-Fi connection for maximum OH GOD:
1.) Find a message with a memorable subject line, and delete it.
2.) Go to your trash, and remove the message from there.
3.) Check whatever IMAP folders may be listed on your device—this works with POP too — and make sure your message is really not
4.) Flick over to the main Spotlight search screen, and search for the subject line on that message that shouldn’t exist
5.) Be shocked and confused when you find that not only can you see the subject line in a simple search — you can still view the entire message.
I’ve tested this, and it works. I even restarted my iPod for good measure, and the message was still in the index, and still accessible by search, despite not appearing anywhere in the main Mail interface. As far as I can tell, there is no way to completely delete emails from iPhone OS 3.0, which isn’t just strange, it’s a disastrous security flaw.
Still, a few things don’t really add up here. The video submitter says he can find emails from months ago, but surely this would result in creeping storage consumption, and has to stop sometime. I mean, doesn’t it? And even if these messages are just hiding out in some secret folder or something, and can be delete by some obscure method, this isn’t how a mail client should behave, at all.
Try this yourselves and see if you can find any clues as to what’s going on here: I’m as alarmed as I am stumped. [CultOfMac]