Spotlight search in OS X Yosemite revealing personal user details

0

spotlight-640x233

Spotlight Search in Yosemite OS X seems to contain a vulnerability that causes accidental users personal details to be exposed. This happens as Spotlight searches through emails.

According to German news site Heise, the problem in the fact that Spotlight automatically previews with the search results. Because the search engine also searches e-mails can be automatically opened the included images in this way. This allows any transmitted information tracking, which is hidden in the illustrations do his work.

Even if users have chosen not to images in emails will automatically open the search engine access: according to Heise Spotlight not adhere to this setting. In addition, also emails searched who have ended up in the junk folder. Such emails will contain more than average tracking information.

The leak Spotlight can be captured by using IP addresses and finds out possible when and how often a user has viewed the image, like email addresses that has been received. Such information may be of interest to spammers who want to know if their emails are received and viewed.

Meanwhile, there is a plug-in designed  that allows Spotlight only searches the text versions of emails.Thereby images are thus left alone. It is still unclear whether Apple will repair the leak or not.

Follow us on Twitter, subscribe to our Facebook Page, find us on LinkedIn, circle us on Google+