10/03/2008
iPhone mail reading: be careful
The problem with Apple is that they treat their functions as absolute dogmas and aren't prepared to reconsider them. If they think that they are right, there is no way that you are going to convince the 'elite' of the computer universe (as they see themselves) that they are in fact very wrong. They have until now not been able to establish a working relationship with security researchers and have for this reason had several confrontations and built up no goodwill at all. Firms need that goodwill, based on past experiences and the belief in their good intentions, to be shown some patience when they can't deliver the solution in time for whatever reason.
This is what happened to this security researcher:
"I have disclosed the technical details to Apple few weeks before that post, in a hope to get those security issues fixed as soon as possible. Unfortunately, two and a half months later, and still there is no patch for those vulnerabilities. I've asked Apple several times for a schedule, but they have refused to provide the fix date. Three versions (v2.0.1, v2.02, v2.1) have been released since I provided them with the details, and they are still "working on it". Therefore, I've decided to publicly disclose the technical details."
The facts are these, and the things you can do:
1. Do not respond to mails asking you to log in: when the subdomain is longer than 24 letters you will not see the full link, so you cannot tell which domain it really leads to. For example https://www.securitycontrolcenter-logonrenewel.facebook.c.............
2. If you read your mails with your iPhone, all images (or things that look like images because of their extensions) will be downloaded automatically. This is plain stupid. So anyone who wants to mess up someone's iPhone can send them a mail with links to a very huge image or an image bomb (images opening links to other images that each open images to other images that each open images to other images.....)
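For point 1, a check can be run on the mail gateway instead of relying on what the phone displays. The sketch below is an added example, not code from the researcher or from Apple: it flags links whose subdomain exceeds the 24-letter figure above or that carry a trusted name inside the subdomain of a different domain. The host names are constructed, and taking the last two labels as the registrable domain is a simplifying assumption.

```python
import re
from urllib.parse import urlsplit

DISPLAY_LIMIT = 24  # figure from the post: longer subdomains are not shown in full
URL_RE = re.compile(r"https?://[^\s<>\"']+")

def split_host(url):
    """Split a URL's host into (subdomain, registrable domain).

    Assumption: the registrable domain is the last two labels. A production
    filter should consult the Public Suffix List instead (e.g. for co.uk).
    """
    host = (urlsplit(url).hostname or "").lower().rstrip(".")
    labels = host.split(".")
    if len(labels) <= 2:
        return "", host
    return ".".join(labels[:-2]), ".".join(labels[-2:])

def review_link(url, trusted_domains):
    """Return a list of findings for one link; an empty list means no finding."""
    subdomain, domain = split_host(url)
    findings = []
    if len(subdomain) > DISPLAY_LIMIT:
        findings.append("subdomain-longer-than-display")
    padded = "." + subdomain + "."
    for trusted in trusted_domains:
        # Trusted name used as labels in the subdomain of a different domain.
        if domain != trusted and "." + trusted + "." in padded:
            findings.append("trusted-name-in-subdomain:" + trusted)
    return findings

def review_mail(body, trusted_domains):
    """Map each flagged link in a mail body to (real domain, findings)."""
    report = {}
    for url in URL_RE.findall(body):
        findings = review_link(url, trusted_domains)
        if findings:
            report[url] = (split_host(url)[1], findings)
    return report

# Constructed sample mail; all hosts use reserved .example/.test names.
SAMPLE_MAIL = """Your session expired, please log in again:
https://www.securitycenter-login-renewal.bank.example.mailcheck.test/login
Help pages: https://www.bank.example/help
"""

if __name__ == "__main__":
    for url, (domain, findings) in review_mail(SAMPLE_MAIL, ["bank.example"]).items():
        print(domain, findings, url)
```

Showing the real domain next to each flagged link gives the reader the part of the address that the truncated display hides.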
15:41