Apple’s new iPhone Mirroring feature in macOS Sequoia may seem like a handy way to access your phone from your work computer, but security firm Sevco has uncovered a significant privacy risk that should make employees think twice before enabling this feature on company-owned Macs, at least for now.
According to a new blog post by Sevco, the core issue lies in how iPhone Mirroring interacts with macOS’s file system and metadata. When activated, the feature creates “app stubs” for iOS applications in a specific directory on the Mac:
/Users/
These app stubs contain metadata about the iOS apps, including icons, application names, dates, versions, and file descriptions. While they don’t include the full executable code, they provide enough information for macOS to treat them as installed applications.
The problem arises because many enterprise security and IT management tools routinely scan Macs for installed software. These tools often use macOS’s built-in metadata system, which now includes these iOS app stubs. As a result, personal iPhone apps can inadvertently appear in corporate software inventories.
Sevco demonstrated this issue using the macOS command-line tool mdfind, which interfaces with the Spotlight search subsystem:
mdfind "kMDItemContentTypeTree == com.apple.application" | grep Daemon
When run in a Terminal window that has been granted Full Disk Access on a Mac where iPhone Mirroring has not been set up, the command returns a normal list of macOS applications. But when run in that same Terminal window after iPhone Mirroring has been set up, it also returns personal iOS applications and their metadata.
For employees, this means that apps they use privately could become visible to their employer’s IT department without their knowledge or consent. This could potentially reveal sensitive personal information, such as dating apps, health-related apps, or VPNs used in countries with restricted internet access.
Sevco has alerted Apple to this privacy concern, and the company is reportedly working on a fix. However, until a patch is released and widely deployed, the risks remain. For now, employees should avoid using iPhone Mirroring on work Macs. Companies should also be aware of this potential data liability and consider temporarily disabling the feature on corporate devices if possible.
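For teams that must keep collecting software inventory while a fix is pending, the following added example (not code from Sevco or Apple) filters suspected stubs out of mdfind-style output and records only how many were dropped. It assumes a stub is any path under /Users/ with "Daemon" in a parent directory name, inferred from the command above; the function names and sample paths are constructed for illustration.

```shell
#!/bin/sh
# Added example, not Sevco's or Apple's code.
# Assumption: a stub is a path under /Users/ with a parent directory whose
# name contains "Daemon" (the page's location plus its `grep Daemon` filter).

# is_stub PATH: succeed if PATH looks like an iPhone Mirroring app stub.
is_stub() {
    case "$1" in
        /Users/*) ;;
        *) return 1 ;;
    esac
    parent=${1%/*}    # drop the bundle name so "DaemonFoo.app" alone never matches
    case "$parent" in
        *Daemon*) return 0 ;;
        *) return 1 ;;
    esac
}

# sanitize_inventory: read one path per line on stdin; print non-stub paths
# unchanged and report stubs only as a count, so no personal app names are kept.
sanitize_inventory() {
    stubs=0
    while IFS= read -r path; do
        [ -n "$path" ] || continue
        if is_stub "$path"; then
            stubs=$((stubs + 1))
        else
            printf '%s\n' "$path"
        fi
    done
    printf 'redacted_ios_stubs=%d\n' "$stubs"
}

# Constructed sample standing in for mdfind output; EXAMPLE-DIR and
# Daemon-EXAMPLE are placeholders, not the real directory names.
sample_inventory() {
    cat <<'EOF'
/Applications/Safari.app
/System/Applications/Mail.app
/Users/alice/Applications/DaemonMonitor.app
/Users/alice/EXAMPLE-DIR/Daemon-EXAMPLE/ExampleDatingApp.app
/Users/alice/EXAMPLE-DIR/Daemon-EXAMPLE/ExampleHealthApp.app
EOF
}

if command -v mdfind >/dev/null 2>&1; then
    mdfind "kMDItemContentTypeTree == com.apple.application" | sanitize_inventory
else
    sample_inventory | sanitize_inventory
fi
```

Unlike a plain grep for "Daemon", the parent-directory check leaves a legitimate macOS app whose own name contains "Daemon" in the inventory.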