some months ago I was travelling and flew from Frankfurt airport and, while there, I probably connected to some Telekom.de free hotspot. I have an iPhone 6 with iOS 9.02 (at that time it was 8.1.x).
Couple days ago I looked through my Safari saved credentials and I've found the following weird credentials I've never chosen to save nor I have seen:
BP-FRAxxxxxx@telekom.de
BP-FRAxxxxxx@telekom.de
G-FRA2015.PIPMNA@telekom.de
They look to me some free credentials used to log in to the hotspot, with BP-FRA being the prefix, then the xxxx part is the random username/password credentials.
The questions raised here are:
1) Is it possible to force Safari on iOS saving some credentials without prior user acceptance?
2) When I tried to remove those credentials, they got recreated automatically, even if nothing from iCloud was synchronized (I don't sync keychain nor safari on iCloud). How is that possible? Is there a functionality from Safari that allows remote providers to inject hidden profiles or something similar? I try resetting network settings, then global settings, but nothing, they were always there. I needed to restore my iPhone and set it up as a new iPhone to get rid off of them. No visible profile was installed.
Do you have any clue about what Telekom.de is doing and how is that possible?
Anyway, even if it was done only for free hotspot access, it is a very (too?) invasive procedure.
Many thanks for your help
