Indeed. It is merely a productivity feature with some adverse security implications. Not that uncommon, unfortunately.
* * *ASB* *http://XeeMe.com/AndrewBaker* *Harnessing the Advantages of Technology for the SMB market… * On Sun, Nov 13, 2011 at 9:09 AM, Steve Kradel <[email protected]> wrote: > This isn't a design flaw -- Apple expects you to use Siri to respond > to texts, calls, etc., without unlocking the device, possibly while > driving; cf. the recent commercial of a jogging man asking Siri, "Read > me that last text." To bury this feature would probably make it > inaccessible to a large swath of device users. > > On Sat, Nov 12, 2011 at 10:47 PM, Steven Peck <[email protected]> wrote: > > In general you need a valid account to access your email. As MBS > indicated > > it may be a local issue with something not honoring the account settings > we > > don't actually know until a few of the repetitive folks do some testing. > > The rest is Statler and Waldorf in the balcony pointing fingers about a > > setting you don't like. We diabled ActiveSync on account creation. It > > doesn't seem to be an issue as it was an access question we considered > > during our planning. Just like disabling POP and IMAP access by default > as > > well. (We do have a few appliciton accounts (Oracle) that need IMAP > access > > so it's enabled. > > > > Steven > > > > On Sat, Nov 12, 2011 at 5:26 PM, Jonathan Link <[email protected]> > > wrote: > >> > >> Hmm, remember a mess of things like this from Microsoft years ago. > It's a > >> design flaw if you can't change the behavior. Otherwise it's a user > >> configurable setting. It's #1 a consumer device, we may be shoehorning > apps > >> which access the enterprise onto it. It's still a consumer device. > >> > >> On Sat, Nov 12, 2011 at 5:10 PM, James Hill < > [email protected]> > >> wrote: > >>> > >>> What kind of good security design has “less security” as the default? > >>> > >>> > >>> > >>> It’s a security design flaw, simple as that. > >>> > >>> > >>> > >>> From: Jonathan Link [mailto:[email protected]] > >>> Sent: Saturday, 12 November 2011 1:30 PM > >>> > >>> To: NT System Admin Issues > >>> Subject: Re: Stupid iPhone 4S Security Loophole > >>> > >>> > >>> > >>> Fine disagree. It is a huge stretch to call something a design flaw if > a > >>> setting can be changed by the user. Not your first, though. > >>> > >>> On Friday, November 11, 2011, Kurt Buff <[email protected]> wrote: > >>> > I disagree. The reason I think it's a design flaw, IMO, is that > >>> > settings with security implications should be set to the more secure > >>> > setting by default. I suppose you could get all airy about it and say > >>> > that their approach to design is flawed - that is, Apple seem to be > in > >>> > favor of ever feature turned on out of the box so that users are > >>> > fooled into believing they don't have to make decisions. > >>> > > >>> > The basic stance should be: Turn off almost everything by default, > and > >>> > let the user choose to turn on what they want afterward. > >>> > > >>> > Microsoft is learning this lesson. Apple hasn't yet. OpenBSD has > >>> > mastered this lesson, and FreeBSD pretty much has it down pat, too. > >>> > > >>> > I will say that I think that this particular issue isn't of > >>> > Earth-shattering proportions, but it seems to be in line with Apple's > >>> > general outlook... > >>> > > >>> > Kurt > >>> > > >>> > On Fri, Nov 11, 2011 at 15:56, Jonathan Link < > [email protected]> > >>> > wrote: > >>> >> No. It is user configurable. > >>> >> At worst, Apple didn't disclose the security implications. Since it > is > >>> >> a > >>> >> consumer device I am unsurprised. > >>> >> On Friday, November 11, 2011, Kurt Buff <[email protected]> > wrote: > >>> >>> that's not a bug, that's a design flaw. > >>> >>> > >>> >>> On Fri, Nov 11, 2011 at 14:40, Micheal Espinola Jr > >>> >>> <[email protected]> wrote: > >>> >>>> Ah, but that's not a bug - its a feature. > >>> >>>> > >>> >>>> -- > >>> >>>> Espi > >>> >>>> > >>> >>>> > >>> >>>> > >>> >>>> > >>> >>>> > >>> >>>> On Fri, Nov 11, 2011 at 2:15 PM, Stu Sjouwerman > >>> >>>> <[email protected]> > >>> >>>> wrote: > >>> >>>>> > >>> >>>>> You may have missed this, but there is a hole in Siri, the > >>> >>>>> much-touted > >>> >>>>> iPhone 4S personal assistant. The default setting for the new > A.I. > >>> >>>>> is > >>> >>>>> "On", which means that even when a user's phone is locked, anyone > >>> >>>>> could pick it up, hold down the home button and tell Siri to send > >>> >>>>> texts and emails. OUCH! > >>> >>>>> > >>> >>>>> There's an easy fix though, if you don't want Siri to work when > the > >>> >>>>> phone is locked, simply change the default setting from "Allow > >>> >>>>> access > >>> >>>>> to Siri when locked with a passcode" to "Off." Just make sure > it's > >>> >>>>> done. > >>> >>>>> > >>> >>>>> Warm regards, > >>> >>>>> Stu > >>> >>>>> > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
