Today I learned that the Apple iPhone re-purposes the IMAP protocol to implement the voice mail feature.
By sniffing the network traffic it was possible to examine the IMAP protocol revealing username and the corresponding hashed password (which allows to repeat a successful login) and of course all voicemail files. We want to highlight, that all the voicemail files have been transferred unencrypted.
Assessment of Visual Voicemail from 2012
You did not know this? Based on the fact how simple this is done based on “standards”, it is surprising that some carriers/resellers do not offer this at all. I