When Your Company Remote-Wipes Your Personal Phone 446
Xenographic writes "NPR has a story about someone whose personal iPhone got remotely wiped by their employer. It was actually a mistake, but it was something of a surprise because they didn't believe they had given their employer any kind of access to do that. This may already be very familiar to Microsoft Exchange admins, but the problem was her iPhone's integration with MS Exchange automatically gives the server admin access to do remote wipes. All you have to do is configure the phone to receive email from an MS Exchange server and the server admin can wipe your phone at will. The phone wasn't bricked, even though absolutely all of its data was wiped, because the data could be restored from backup, assuming that someone had remembered to make one. But this also works on other devices like iPads, Blackberry phones, and other smartphones that integrate with MS Exchange. So if you read your work email on your personal phone or tablet, you might want to make sure that you keep backups, just in case."
Re:we have the same policy at work (Score:3, Funny)
From TFA:
Someone in the IT department had sent out what's called a "remote wipe," a kind of auto-destruct command that's delivered by e-mail.
I'm really, really looking forward to the first story we get of an admin accidentally sending the message to a contact list, such as the entire company, and wiping everyone's data from the CEO down. Future computer science students will learn about the lessons of the Therac-25, the Ariane-5 rocket, and the Exchange/smart phone integration that brought a fortune-500 company to a standstill for a week.
Re:Our university is even worse... (Score:3, Funny)
This little "tool" does an include of remote PHP files based on the unsanitized GET request data.
I don't believe that for a second. ..could you provide a URL to back up your claim?
Since we're trolling (Score:3, Funny)