But Spagnuolo, on his own blog, claims that he quickly found a way to bypass Mailbox’s filtering:
Although we haven’t seen any reports of criminals exploiting this vulnerability, it’s clearly something that needs to be patched as quickly as possible.
While we’re waiting for Mailbox, now owned by Dropbox, to develop and update and fast-track it through Apple’s vetting to public release in the App Store, we should all be grateful that Spagnuolo hasn’t published details of how to bypass the rudimentary protection Mailbox put in place.
“We’re working on it!”
Meanwhile, it has also been confirmed that Spagnuolo wasn’t the only researcher to alert Mailbox about the security vulnerability.
Their response? “We’re working on it!”
“We’re working on it”? Hmm. That was at the end of May…