Article Details

Scrape Timestamp (UTC): 2024-10-08 18:35:00.435

Source: https://www.theregister.com/2024/10/08/iphone_mirroring_at_work/

Original Article Text

Using iPhone Mirroring at work? You might have just overshared to your boss

What does IT see but a dating app on your wee little screen

If you're using iPhone Mirroring at work: it's time to stop, lest you give your employer's IT department the capability to snoop through your dating apps, photos, messages — and anything else you might want to keep to yourself.

iPhone Mirroring is a feature that allows users to wirelessly use iPhones for viewing content on the device, using apps, and receiving notifications on a Mac. It requires macOS 15 Sequoia, iOS 18, and Apple Silicon to work. It's great for home use, but presents a serious privacy risk for employers and employees using a work-issued Mac computer.

"For iPhone users, this Apple bug is a major privacy risk because it can expose aspects of their personal lives that they don't want to share or that could put them at risk," according to Sevco Security, which spotted the data-leaking flaw and reported it to Apple.

This includes potentially exposing a VPN app in a country that restricts internet access, a dating app that reveals the user's sexual orientation in a region where that's not safe or has legal consequences, a health app that inadvertently shares a medical condition or pregnancy that the employee doesn't want their work to know about, or even just run-of-the-mill NSFW video and photos.

Plus, for organizations, "this bug represents a new data liability from potentially collecting private employee data" that could lead to privacy law violations, lawsuits, and government agency enforcement actions, the researchers note.

According to Sevco, executing mdfind, a command line interface in macOS Spotlight, in a terminal on a Mac that has Mirroring set up, exposes full disk access plus personal iOS apps and metadata.

Here's the command the researchers used to reproduce this flaw:

    mdfind "kMDItemContentTypeTree == com.apple.application" | grep Daemon

Apple, we're told, has identified the cause and is working on a fix. The Register reached out to the iThings giant for comment and a timeline but did not receive an immediate response.

Sevco says it has alerted "several enterprise software vendors" that share customers with the security shop and Apple, and has also notified its own customers that have collected or could potentially collect private employee data - and then suffer the consequences.

But to be blunt, companies should also alert employees about the issue, advise them not to use this feature at work, and also work with any third-party enterprise IT vendors that collect software inventory from Macs until Apple issues a patch.

Daily Brief Summary

DATA BREACH // iPhone Mirroring Exposes Personal Data at Work, Fix Pending

iPhone Mirroring on work-issued Macs poses significant privacy and security risks, potentially exposing personal employee data such as dating apps, health information, and more.

Sevco Security identified a flaw that allows employer IT departments to access expansive personal information from employee iPhones mirrored to Macs.

The vulnerability can specifically expose sensitive information in regions with strict privacy laws or where certain personal attributes could cause harm or legal issues.

This issue creates potential liability for businesses under privacy law, risking lawsuits and enforcement from regulatory bodies.

A macOS CLI command, 'mdfind', can reproduce the flaw, proving the risk of full disk access and exposure of personal iOS apps and metadata.

Sevco Security has alerted Apple and various enterprise software vendors that could be affected by this privacy vulnerability.

Companies are advised to inform employees to refrain from using the Mirroring feature on work devices and to coordinate with IT vendors until Apple releases a fix.

Apple is aware of the issue and is reportedly working on a software patch to address the security flaw.