With the arrival of macOS Sequoia and iOS 18, Apple introduced the new feature iPhone Mirroringwhich allows you to access your iPhone applications directly from your Mac. This feature may seem convenient, especially for those who use the company Mac and want to keep everything under control, but a recent report of the security company Sevco warns users: activating this feature on company devices may expose personal information without your knowledge.
The main issue highlighted by Sevco concerns the way iPhone Mirroring interacts with the macOS file system. When you enable this feature, a series of iOS application “stubs” is created in a specific directory on your Mac:
/Users//Library/Daemon Containers//Data/Library/Caches/
These “stubs” contain iOS app metadataincluding icons, app names, dates, versions, and file descriptions. While this data does not include the full executable code of the apps, it is sufficient for macOS to treat these applications as if they were installed on the device.
The risk to privacy: personal apps visible to company systems
The real problem arises from the fact that many enterprise security tools and IT management software regularly scan Macs to check which apps are installed. These tools often use the macOS metadata system, which now also includes information about iOS app “stubs.” In this way, land personal apps installed on your iPhone can inadvertently end up in company software inventorycreating a potential invasion of privacy.
Sevco illustrated this problem using the tool mdfind of macOS, which interacts with the Spotlight search subsystem. Here’s how it works:
mdfind “kMDItemContentTypeTree == com.apple.application” | grep Daemon
Without turning on iPhone Mirroring, this command just returns a list of regular applications installed on macOS. But once you enable the mirroring feature, the same command It also lists personal iOS applications along with associated metadata.
For employees, this means that privately used applications, such as dating apps, health apps, or VPNs used in countries with Internet restrictions, may be visible to the company’s IT department without the user’s knowledge or consent. own consent.
Sevco has already reported the problem to Apple, which is working on a fix. However, until an update is released to fix this bug, the privacy risk remains real. For now, the advice is simple: Avoid using the iPhone Mirroring feature on company Macs. Businesses should also be aware of this potential data breach and consider temporarily disabling the feature on work devices.
The “luck” for Italian users is that this function is not yet available in Italy.
News
Source: www.iphoneitalia.com
