Apple encryption is like the Loch Ness Monster

German researcher Andreas Kurtz has found out that the fruity cargo cult Apple might not be telling the full truth when it claimed that email attachments sent from iOS were encrypted.

Writing in his bog, Kurtz said he found email attachments for POP, IMAP and ActiveSync accounts were available in clear text on iPhone 4, 5s and iPad 2 devices.

Email attachments within the iOS 7 were not protected by Apple’s data protection mechanisms…considering the long-time iOS 7 is available and the sensitivity of email attachments many enterprises share on their devices – fundamentally relying on data protection – I expected a near-term patch.

Email attachments were exposed on firmware iOS 7.1.1, 7.1 and 7.0.4 which Kurtz looked at by voiding the warranty on his shiny toys by using jailbreaking devices.

Apple’s claims on its website that email attachments on all devices newer than the iPhone 3GS were protected by encryption.

Kurtz said Apple was aware of the problem but did not say when a patch would be ready. Of course, Apple is not saying anything.

Email attachments are safe on new devices such as the iPhone 4s, 5s and 5c running the latest iOS platforms. It appears to be because the jailbreak security modification was required for users to access the internals of iDevices including the ability to nab email attachments.

Kurtz suggested users of affected devices consider disabling mail synchronisation as an albeit inconvenient workaround.