News: 1728412214

  ARM Give a man a fire and he's warm for a day, but set fire to him and he's warm for the rest of his life (Terry Pratchett, Jingo)

Using iPhone Mirroring at work? You might have just overshared to your boss

(2024/10/08)


If you're using iPhone Mirroring at work: It's time to stop, lest you give your employer's IT department the capability to snoop through the list of apps you have on your phone — dating apps, those tracking medical conditions or sexual history, or any other NSFW apps that you might want to keep to yourself.

iPhone Mirroring is a feature that allows users to wirelessly use iPhones for viewing content on the device, using apps, and receiving notifications on a Mac. It [1]requires macOS 15 Sequoia, iOS 18, and Apple Silicon to work.

It's great for home use, but presents a potential privacy risk between employers and employees using a work-issued Mac computer.

[2]

"For iPhone users, this Apple bug is a major privacy risk because it can expose aspects of their personal lives that they don't want to share or that could put them at risk," according to Sevco Security, which [3]spotted the oversight and reported it to Apple.

[4]

[5]

This includes potentially exposing the use of a VPN app in a country that restricts internet access, a dating app that indicates the user's sexual orientation in a region where that's not safe or has legal consequences, or a health app that inadvertently shares a medical condition or pregnancy that the employee doesn't want their work to know about.

Plus, for organizations, "this bug represents a new data liability from potentially collecting private employee data" that could lead to privacy law violations, lawsuits, and government agency enforcement actions, the researchers note.

[6]

According to Sevco, executing mdfind in a terminal window that has been granted full disk access exposes a list of personal iOS apps and metadata if the iPhone user has turned on iPhone Mirroring. The bug does not, however, reveal the contents of a user's apps.

Here's the command line interface the researchers used to reproduce this flaw:

mdfind "kMDItemContentTypeTree == com.apple.application" | grep Daemon

Apple, we're told, has identified the cause and is working on a fix. The Register reached out to the iThings giant for comment and a timeline but did not receive an immediate response.

[7]Apple fixes bug that let VoiceOver shout your passwords

[8]Apple Intelligence won't be available in Europe because Tim's terrified of watchdogs

[9]Scammers in the slammer for years after ripping off Apple with fake iPhone returns

[10]Google brings better bricking to Androids, to curtail crims

Sevco says it has alerted "several enterprise software vendors" that share customers with the security shop and Apple, and has also notified its own customers that have collected or could potentially collect private employee data - and then suffer the consequences.

But to be blunt, companies should also alert employees about the issue, advise them not to use this feature at work, and also work with any third-party enterprise IT vendors that collect software inventory from Macs until Apple issues a patch. ®

Editor's note: This article was updated to clarify that this oversight reveals the list of applications on a device, though not the contents. We're happy to make that clear.

Get our [11]Tech Resources



[1] https://support.apple.com/en-us/120421

[2] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_software/front&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=2&c=2ZwWrgEx1tDYrMVKhYc62gAAAAQc&t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0

[3] https://www.sevcosecurity.com/iphone-mirroring-expose-employee-personal-information/

[4] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_software/front&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=4&c=44ZwWrgEx1tDYrMVKhYc62gAAAAQc&t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0

[5] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_software/front&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=3&c=33ZwWrgEx1tDYrMVKhYc62gAAAAQc&t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0

[6] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_software/front&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=4&c=44ZwWrgEx1tDYrMVKhYc62gAAAAQc&t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0

[7] https://www.theregister.com/2024/10/04/apple_voiceover_password_bug/

[8] https://www.theregister.com/2024/06/21/apple_intelligence_eu/

[9] https://www.theregister.com/2024/10/03/counterfeit_iphone_scammers_prison/

[10] https://www.theregister.com/2024/10/08/google_android_security/

[11] https://whitepapers.theregister.com/



jdiebdhidbsusbvwbsidnsoskebid

Just another reason why work and personal devices should never meet.

Anonymous Coward

Came to say it, and am unsurprised someone beat me to it.

The only thing about my personal device that my employer knows is the phone number. I will **NOT** run employment-related software on my personal devices, nor allow employers access!

jdiebdhidbsusbvwbsidnsoskebid

Something a work colleague in HR once told me was that if you have work information on your personal device and your employer receives a Freedom of Information request, your personal device could be included.

I'm not 100% sure that's true, it seems plausible otherwise it would be an easy get out for any organisation to do BYOD and never have comply with FoIS, but I'm not going to test it.

Even better Idea...

IGotOut

Don't put personal stuff on your work phone.

Easy

What part of "mirroring"

DS999

Do people not get? At work you best be sure you don't leave porno magazines or offers from competing employers laying around on your desk for others to see, and likewise if you share your phone's home screen while opening an app you best be sure they don't have apps on that screen you wouldn't want coworkers to know you have installed.

Not sure what "bug" Apple is fixing, but it seems like they'd be playing wack-a-mole if they try to blur out icons/names for other apps when it shows the home screen as there are countless other possibilities like notifications, calender reminders, incoming call requests and so forth that might appear on the screen of a "mirrored" device that would also need to be suppressed.

Q: What's yellow, and equivalent to the Axiom of Choice?
A: Zorn's Lemon.