Apple’s new iPhone Mirroring feature in macOS Sequoia might seem like a convenient way to access your phone from your work computer, but security firm Sevco has uncovered a significant privacy risk that should make employees think twice before enabling this feature on company-owned Macs, at least for now.
According to a new blog post by Sevco, the core issue lies in how iPhone Mirroring interacts with macOS’s file system and metadata. When activated, the feature creates “app stubs” for iOS applications in a specific directory on the Mac:
/Users//Library/Daemon Containers//Data/Library/Caches/
These app stubs contain metadata about the iOS apps, including icons, application names, dates, versions, and file descriptions. While they don’t include the full executable code, they provide enough information for macOS to treat them as installed applications.
The problem arises because many enterprise security and IT management tools routinely scan Macs for installed software. These tools often use macOS’s built-in metadata system, which now includes these iOS app stubs. As a result, personal iPhone apps can inadvertently appear in corporate software inventories.
Sevco demonstrated this issue using the macOS command line tool mdfind, which interfaces with the Spotlight search subsystem:
mdfind “kMDItemContentTypeTree == com.apple.application” | grep Daemon
When executed in a Terminal window that has been granted full disk access without setting up iPhone Mirroring, the command returns a normal list of macOS applications. But when executed in that same Terminal window after setting up iPhone Mirroring, it also returns personal iOS applications and metadata.
For employees, this means that apps they use privately could become visible to their employer’s IT department without their knowledge or consent. This could potentially reveal sensitive personal information, such as dating apps, health-related apps, or VPNs used in countries with restricted internet access.
How to Use iPhone Mirroring in macOS Sequoia
Sevco has alerted Apple to this privacy concern, and the company is reportedly working on a fix. However, until a patch is released and widely implemented, the risks remain. For now, employees should avoid using iPhone Mirroring on work Macs. Companies should also be aware of this potential data liability and consider temporarily disabling the feature on corporate devices if possible.
This article, “Here’s Why You Shouldn’t Use iPhone Mirroring on a Corporate Mac” first appeared on MacRumors.com
Discuss this article in our forums
Apple’s new iPhone Mirroring feature in macOS Sequoia might seem like a convenient way to access your phone from your work computer, but security firm Sevco has uncovered a significant privacy risk that should make employees think twice before enabling this feature on company-owned Macs, at least for now.
According to a new blog post by Sevco, the core issue lies in how iPhone Mirroring interacts with macOS’s file system and metadata. When activated, the feature creates “app stubs” for iOS applications in a specific directory on the Mac:
/Users//Library/Daemon Containers//Data/Library/Caches/
These app stubs contain metadata about the iOS apps, including icons, application names, dates, versions, and file descriptions. While they don’t include the full executable code, they provide enough information for macOS to treat them as installed applications.
The problem arises because many enterprise security and IT management tools routinely scan Macs for installed software. These tools often use macOS’s built-in metadata system, which now includes these iOS app stubs. As a result, personal iPhone apps can inadvertently appear in corporate software inventories.
Sevco demonstrated this issue using the macOS command line tool mdfind, which interfaces with the Spotlight search subsystem:
mdfind “kMDItemContentTypeTree == com.apple.application” | grep Daemon
When executed in a Terminal window that has been granted full disk access without setting up iPhone Mirroring, the command returns a normal list of macOS applications. But when executed in that same Terminal window after setting up iPhone Mirroring, it also returns personal iOS applications and metadata.
For employees, this means that apps they use privately could become visible to their employer’s IT department without their knowledge or consent. This could potentially reveal sensitive personal information, such as dating apps, health-related apps, or VPNs used in countries with restricted internet access.
How to Use iPhone Mirroring in macOS Sequoia
Sevco has alerted Apple to this privacy concern, and the company is reportedly working on a fix. However, until a patch is released and widely implemented, the risks remain. For now, employees should avoid using iPhone Mirroring on work Macs. Companies should also be aware of this potential data liability and consider temporarily disabling the feature on corporate devices if possible.Related Roundup: macOS SequoiaTag: macOS SecurityRelated Forum: macOS SequoiaThis article, “Here’s Why You Shouldn’t Use iPhone Mirroring on a Corporate Mac” first appeared on MacRumors.comDiscuss this article in our forums Read More MacRumors: Mac News and Rumors – All Stories
#Techno #PCWorld