
MacRumors

macrumors bot
Original poster
Apr 12, 2001


Apple's new iPhone Mirroring feature in macOS Sequoia might seem like a convenient way to access your phone from your work computer, but security firm Sevco has uncovered a significant privacy risk that should make employees think twice before enabling this feature on company-owned Macs, at least for now.

[Image: macOS Sequoia on a MacBook Air with the iPhone Mirroring app icon in the Dock]

According to a new blog post by Sevco, the core issue lies in how iPhone Mirroring interacts with macOS's file system and metadata. When activated, the feature creates "app stubs" for iOS applications in a specific directory on the Mac:

/Users/<username>/Library/Daemon Containers/<container UUID>/Data/Library/Caches/

These app stubs contain metadata about the iOS apps, including icons, application names, dates, versions, and file descriptions. While they don't include the full executable code, they provide enough information for macOS to treat them as installed applications.

The problem arises because many enterprise security and IT management tools routinely scan Macs for installed software. These tools often use macOS's built-in metadata system, which now includes these iOS app stubs. As a result, personal iPhone apps can inadvertently appear in corporate software inventories.

Sevco demonstrated this issue using the macOS command line tool mdfind, which interfaces with the Spotlight search subsystem:

mdfind "kMDItemContentTypeTree == com.apple.application" | grep Daemon

When executed in a Terminal window that has been granted full disk access without setting up iPhone Mirroring, the command returns a normal list of macOS applications. But when executed in that same Terminal window after setting up iPhone Mirroring, it also returns personal iOS applications and metadata.

For employees, this means that apps they use privately could become visible to their employer's IT department without their knowledge or consent. This could potentially reveal sensitive personal information, such as dating apps, health-related apps, or VPNs used in countries with restricted internet access.

[Image: iPhone Mirroring window in macOS Sequoia]

Sevco has alerted Apple to this privacy concern, and the company is reportedly working on a fix. However, until a patch is released and widely implemented, the risks remain. For now, employees should avoid using iPhone Mirroring on work Macs. Companies should also be aware of this potential data liability and consider temporarily disabling the feature on corporate devices if possible.

Article Link: Here's Why You Shouldn't Use iPhone Mirroring on a Corporate Mac
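The following shell script is an added example, not code from the article or from Sevco. It shows how an inventory or audit script on the IT side can separate iPhone Mirroring app stubs from real macOS applications: anything the Spotlight query returns under the "Daemon Containers" path is a personal iOS app stub and should be dropped from a corporate software inventory, while a non-zero stub count on a managed Mac is itself a useful signal that iPhone Mirroring has been set up on it. The sample paths, the user name "jdoe", the container UUID and the app names are all constructed; on a Mac the script runs the real mdfind query from the article, elsewhere it falls back to the constructed sample so it still runs.

```shell
#!/bin/sh
# Added example (not from the article or Sevco): keep iPhone Mirroring app stubs
# out of a software inventory built from Spotlight's application query.

# Constructed sample of what
#   mdfind "kMDItemContentTypeTree == com.apple.application"
# might return on a Mac where iPhone Mirroring has been set up. All paths are made up.
SAMPLE_PATHS='/Applications/Safari.app
/Applications/Slack.app
/Users/jdoe/Library/Daemon Containers/0F1A2B3C-0000-0000-0000-000000000001/Data/Library/Caches/DatingApp.app
/Users/jdoe/Library/Daemon Containers/0F1A2B3C-0000-0000-0000-000000000001/Data/Library/Caches/HealthTracker.app
/System/Applications/Mail.app'

# filter_inventory MODE: reads application paths on stdin and prints one class.
#   apps  -> real macOS applications (safe to report in a corporate inventory)
#   stubs -> iPhone Mirroring app stubs (personal iOS apps; must not be inventoried)
filter_inventory() {
    case "$1" in
        apps)  grep -v '/Library/Daemon Containers/' ;;
        stubs) grep '/Library/Daemon Containers/' ;;
        *)     echo "usage: filter_inventory apps|stubs" >&2; return 2 ;;
    esac
}

# count_stubs LIST: number of stub entries in a newline-separated path list.
# A non-zero count on a managed Mac means iPhone Mirroring is in use on it.
count_stubs() {
    printf '%s\n' "$1" | filter_inventory stubs | grep -c . || true
}

# live_inventory: on macOS, run the Spotlight query the article describes and
# strip the stubs; on other systems use the constructed sample instead.
live_inventory() {
    if command -v mdfind >/dev/null 2>&1; then
        mdfind "kMDItemContentTypeTree == com.apple.application" | filter_inventory apps
    else
        printf '%s\n' "$SAMPLE_PATHS" | filter_inventory apps
    fi
}

# Usage: print the clean inventory, then report how many stubs were filtered out.
live_inventory
echo "iPhone Mirroring app stubs excluded from inventory: $(count_stubs "$SAMPLE_PATHS")"
```

The filter keys on the "Daemon Containers" path segment named in the article rather than on app names, so it needs no list of iOS apps to recognise; the same path test can be added as an exclusion rule in whatever inventory agent already runs the Spotlight query.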
 
I imagine employers also do not want this.

I use the personal (free) license for Fusion360 and have it on my phone. If that appears on a corporate owned computer, is the company now liable for a commercial license? It's not like Autodesk is particularly forgiving about commercial licensing.
 
I imagine employers also do not want this.

I use the personal (free) license for Fusion360 and have it on my phone. If that appears on a corporate owned computer, is the company now liable for a commercial license? It's not like Autodesk is particularly forgiving about commercial licensing.
One license should not raise too much attention, but it is a clear violation of the EULA. I personally don't virtualize on my university-issued MBP either, even though I have more control over software and system updates (and less IT oversight) than most of my colleagues with HP laptops do.
 
Well now we know why Apple does not release it in the EU-SSR
Uh, why? Apple’s security failure in this instance has literally nothing to do with the EU.

I suppose a company choosing to abuse the flaw might fall afoul of GDPR’s privacy protections, depending on why they’re gathering the data and what they do with it, but that has nothing to do with Apple.

Though I suppose the way you misnamed the EU shows clearly enough that you are only posting in bad-faith, without having any actual argument.
 
And why would you use a personal Apple ID on the work laptop anyway?

Yeah, don’t ever do this. I work in IT and most of the folks on my team don’t even own a personal computer… they use their corporate Macs for everything and have iMessage and photo sync, etc, to their personal Apple IDs, which I think is insane... at any time, Legal could show up and image their disks (we have all FileVault keys escrowed to our MDM).
 
Uh, why? Apple’s security failure in this instance has literally nothing to do with the EU.

I suppose a company choosing to abuse the flaw might fall afoul of GDPR’s privacy protections, depending on why they’re gathering the data and what they do with it, but that has nothing to do with Apple.

Though I suppose the way you misnamed the EU shows clearly enough that you are only posting in bad-faith, without having any actual argument.
He didn’t even read the article, he just saw iPhone mirroring is involved and went straight to fishing for attention
 
Keeping work and personal devices/data separate is always a wise idea, in my opinion, including and beyond this specific security issue.

I like the concept of iPhone mirroring to my personal Mac, but I don’t use it as much as I thought I would. It’s not hard to just pick up the phone. Where I see iPhone mirroring as beneficial is when one is using Vision Pro.
 
Considering the amount of "inventory software" (aka Spyware) that employers nowadays use on the company issued machines, the least I'd do is to use my personal home Apple ID for anything on the company issued computer. When I had a Mac at work (now got Windows) I created a dedicated work Apple ID, and the work iPhone (which I've still got) is also using that account.

I'm not really inviting my employer to have access to my photos, Apple health data or Music collection (or list of other devices in the same account), either.

Also, employers are possibly not too enthused about their employees checking their iPhones through the work machines' desktop interfaces during work.

It's IMHO therefore a bad idea, regardless of whether you see this from the employee's or employer's point of view.

H.
 
You can't mirror your personal iPhone onto a Mac signed into a different Apple ID.

If your work computer and your personal iPhone are signed into the same Apple ID, that Mac already has access to ALL OF YOUR STUFF -- texts, files, browsing history and even your ****ing iCloud Keychain.

There is no "security failure" here whatsoever, except on the part of any user stupid enough to set up a machine they don't own with access to all their personal information.
 
Keeping work and personal devices/data separate is always a wise idea, in my opinion, including and beyond this specific security issue.

I like the concept of iPhone mirroring to my personal Mac, but I don’t use it as much as I thought I would. It’s not hard to just pick up the phone. Where I see iPhone mirroring as beneficial is when one is using Vision Pro.
Yup, exactly

Once my workplace gets to pushing out Sequoia to those using Macs, I know for a fact that with our MDM software we're going to not allow usage of iPhone mirroring

Heck, we're so airtight that you can't even sign into an Apple ID on them
 
I tried the iPhone mirroring on my personal Mac and it really wasn't a make or break feature for me. It was neat to fiddle with a bit.

Everything at work where I am is Windows, Windows, Windows.

Our AUP allows for "casual personal use" which is broadly defined. Basically, so long as you're not running an eBay business, hosting an OnlyFans, online betting, or doing anything prurient-adjacent, they don't seem to care. Anything I don't want my employer to see I keep off my work computer. On one hand, it's a large organization and they have the resources to look at everything. On the other hand, it's a large organization with a lot of people. It would take a GDR Stasi-like operation to track it all.

Either way, there's little if anything I do that would interest anyone else. I'm a very very boring person. If it's something that requires the utmost secrecy, I avoid digital communications anyway.
 
I would never use this on a corporate Mac anyways, nor would I sign in to my personal iCloud account either. I have a Washington Post test for my work laptop. I consume zero content on that machine that I wouldn't mind being printed in the Washington Post (or similar) newspaper.
 