How Apple’s Address Book app could allow the NSA to harvest your contacts

0
382

Ashkan Soltani Overlooked in last week’s revelation that the National Security Agency is harvesting hundreds of millions of e-mail address books around the world was this surprising factoid: Apple makes this mass collection easier because the Address Book app that by default manages Mac contacts doesn’t use HTTPS encryption when syncing with Gmail accounts. As a result, addresses that automatically travel between Macs and Google servers are sent as plain text , independent privacy researcher Ashkan Soltani wrote in The Washington Post last Monday. He provided the above screenshot demonstrating that Address Book contents appear in the clear to anyone who has the ability to monitor traffic over a Wi-Fi network or other connection. His observation came 15 months after another Mac user also warned that the Mac app offered no way to enable HTTPS when syncing e-mail address lists with Gmail . “It appears that it’s an Apple issue,” Soltani told Ars, referring to the inability to enable HTTPS when Apple’s Address Book is updated to a user’s Gmail account. “Their other products support Gmail over via HTTPS, so I suspect it would be a three-line fix in the contacts to alleviate this problem.” Read 7 remaining paragraphs | Comments        

View article:
How Apple’s Address Book app could allow the NSA to harvest your contacts

LEAVE A REPLY

Please enter your comment!
Please enter your name here

*

This site uses Akismet to reduce spam. Learn how your comment data is processed.