John Varela <
newl...@verizon.net> wrote:
> On Sun, 5 Nov 2017 04:23:01 UTC,
dem...@actrix.gen.nz (David
> Empson) wrote:
>
> > John Varela <
newl...@verizon.net> wrote:
> >
> > > Today I had reason to open my iPad's "Settings/Accounts & Passwords"
> > > for the first time in months, and there I discovered a mail account
> > > that is all news to me. I have no idea what it ior how it got there.
> > >
> > > The Account information says "These settings are installed by the
> > > profile 'RedAlerts Emergency'." Its email address and User Name are
> > > EdsonKha...@myminbox.email and the Host Name is
> > > 20170714.imap.email.minbox.email. That makes no sense to me, but
> > > that's what it says in Settings.
> > >
> > > The account was not active so it has not been appearing among Mail's
> > > Inboxes. There is no similar account on any of our Macs.
[...]
> > > I can find no way to remove this account from the iPad. Is there
> > > one?
> >
> > Because the email account was installed using a profile, you can't
> > delete it directly. You need to delete the profile instead.
> >
> > That is done in Settings > General > Profiles.
>
> That worked like a charm. Thank you very much for pointing me there.
[...]
> > I suspect the profile was installed by an app that was used on your
> > iPad, but that can only happen if it asked you first and you granted
> > permission. That is NEVER a good idea unless you are absolutely certain
> > you trust the app and understand why it is necessary.
>
> I'm well aware of that. There are no apps on my iPad that didn't
> come from the App Store.
>
> > This discussion thread seems relevant:
> >
> >
https://discussions.apple.com/thread/8039386?start=0&tstart=0
>
> All the apps on my iPad came from the App Store. I may have accepted
> something from one of those apps, but since it came from the App
> Store then surely it was harmless. Might have it been usage feedback
> to the developer?
Profiles can be installed by apps from App Store. In the article I
linked, a profile of a similar name to the one you described came from
an unidentified weather app.
It is also possible to have profiles installed via other methods, e.g.
from a web site or an email attachment.
In all cases, a profile can never be installed automatically. The user
is always asked for permission, and it involves typing in the passcode
(or TouchID/FaceID?) to confirm that you are the legitimate user.
If you don't recall doing something like that, is there anyone else who
uses your iPad and knows its passcode? Maybe they installed an app which
set up the profile, and they authorised it.
The installation of a profile which creates an email account is
something I've seen on one person's iPhone recently - in that case it
was an email account from their ISP, so it seems like the ISP supplied a
profile to simplify the setup process for the user, possibly via their
app. Therefore that is a legitimate use of profiles, and Apple does not
block apps which do that.
For some kind of "emergency alert" app, setting up a profile to fetch
email from a particular server to get alerts is one way they could do
it, though it is a rather ugly method. It may not have triggered any
alarm bells when Apple was reviewing the app. The profile would still be
there even if you deleted the app which installed it.
Profiles can do a lot of things including creating VPNs, changing
network settings (and most other settings including some hidden ones),
blocking the use of particular apps (including some standard ones),
disabling features such as the camera, and installing root certificates.
Apart from Apple beta programmes, a major use of profiles is for devices
managed by companies, which is where many of the lockdown features get
applied, e.g. if a company is dealing with secret information they may
require all devices to have the cameras disabled. These profiles can
also provide a way for the company to remotely manage your device
including wiping it.
Therefore you should never allow any profile to be installed on your
personal device unless you understand its purpose, and trust whoever is
installing it.
> Thanks again. You've been very helpful.
You're welcome.
--
David Empson
dem...@actrix.gen.nz