After some prodding from Glenn in the comments of my post on Goodreader and the iPad, it turns out that the security culprit doesn’t look like it’s Goodreader at all. It’s the Port 4242 that gave it away, and much thanks to Glenn for pointing it out…I was too concerned with publishing fast, and didn’t follow up the details as well as I should have.
It looks like Goodreader lets you SEE any shared iPad on wifi, but it doesn’t share openly in the way that I described. The bad guy here appears to be QuickOffice, which DOES use port 4242 and share files by default across a shared wifi LAN. I could see in Goodreader the files that someone else had on their iPad in QuickOffice…not the normal set of events for the iOS devices, as the file systems are normally sandboxed to not allow that to happen.
So: revised security alert! If you use QuickOffice on your iOS device (iPhone, iTouch, iPad) please ensure that you have sharing off by default, so that others aren’t able to see your stuff at all.
3 replies on “Quick Office, not Goodreader”
[…] & the iPad EDIT: please check out my new post, with the real problem identified. This post contains old information that is not […]
Thank you for getting to the root of the problem, Jason!!
In general, seems like any iOS program that offers WebDAV-based access (or any kind of network sharing, of which WebDAV is most likely) should warn about unprotected access and urge a password be set! Thanks for the follow up.