iPhone Web-Based IM Apps: Feeding the Honeypot?

Sure, Apple currently doesn't have a solution for IM on your shiny new iPhone but I believe there were probably some very good reasons why they didn't include it in the first place (battery life being the biggest reason).

So to fill the void, a couple of sites have popped up so you can IM on your iPhone. The first I found was a web interface for AOL IM which to date has received over 1000 digs. What people need to realize is that by using these services, you are allowing a proxy to pass your information to AOL and back again, namely your username, password and all conversation. The author does mention this and claims to not save any information but how can anyone be certain? I downloaded the source code to have a look-see and I found references to MySQL calls in the code. The calls seemed innocuous in nature, however. But what is stopping anyone from offering a faux version of the “source code” and having a more malicious version running live?

Where does it end? A site that will check your credit card balances for you– all they need are your account number and expiration date?

Moral of the story: beware of what you give up to third parties.

Leave a Reply

Your email will not be published. Name and Email fields are required.