Apple’s new iPhone mirroring feature in macOS Sequoia may seem like a convenient way to access your phone from your work computer, but security company Sevco says it won’t allow employees to enable the feature on company-owned Macs. We’ve identified significant privacy risks that you should think twice about before using. At least for now.
According to a new blog post from Sevco, the core issue lies in how iPhone mirroring interacts with the macOS file system and metadata. Enabling this feature creates an “app stub” for your iOS application in a specific directory on your Mac.
/Users/
These app stubs contain metadata about your iOS app, such as icon, application name, date, version, and file description. Although they do not contain full executable code, they provide enough information for macOS to treat them as installed applications.
This issue occurs because many corporate security and IT management tools regularly scan your Mac for installed software. These tools often use macOS’ built-in metadata system. The system now includes these iOS app stubs. As a result, personal iPhone apps may inadvertently appear in the corporate software inventory.
Sevco demonstrated this issue using the macOS command line tool mdfind, which works with the Spotlight search subsystem.
mdfind "kMDItemContentTypeTree == com.apple.application" | grep Daemon
If you run the command in a terminal window with full disk access without iPhone mirroring set up, the command returns the usual list of macOS applications. However, if you run it in the same terminal window after setting up iPhone mirroring, it will also return your personal iOS applications and metadata.
For employees, this means that apps they use personally may be exposed to their employer’s IT department without their knowledge or consent. This can expose sensitive personal information such as dating apps, health-related apps, and VPNs used in countries with restricted internet access.
Sevco has alerted Apple to this privacy concern, and the company is reportedly working on a fix. However, the risk remains until a patch is released and widely implemented. At this time, employees should avoid using iPhone mirroring on their Macs at work. Businesses should also be aware of this potential data liability and consider temporarily disabling this feature on corporate devices if possible.
