CommunityNews

CommunityNews

Breaking the Mirror – A Look at Apple’s New iPhone Remote Control Feature

Exploring the security of the new iPhone Mirroring feature as well as the current threat model of the iOS ecosystem

The tight integration between devices is something you only get in Apple’s Continuity ecosystem. It enables seamless interaction between devices, such as using your iPhone as a webcam for your Mac and even letting an iPad act as a second screen with stylus input.

All of this relies on Apple’s Continuity framework, a system that builds on local wireless protocols such as Bluetooth and Wi-Fi to communicate among a user’s devices. The interactions enabled between the devices result in a complex threat model that researchers have started to explore over the past years.

This summer, Apple newly introduced iPhone Mirroring, a feature that allows users to remote control their locked iPhone wirelessly from their Mac, further blurring the security boundaries in the ecosystem.

How does this new feature work? Are the security and privacy checks introduced for iPhone Mirroring sufficient or is it possible to trick the system? What do they protect against and how might this differ from how iOS devices are used in practice? In this talk, you will get demos and explanations of bypasses found in early versions of the iOS 18 beta along with an explanation of why and how they work.

Watch here:

This thread was posted by one of our members via one of our news source trackers.

Where Next?

Popular General Dev topics Top

New
First poster: bot
It has some interesting features: It’s entirely wireless (the left half speaks Bluetooth to the right half, and the right half speaks B...
New
First poster: dyowee
Everyone seems to be striving for ‘clean’ code at the moment. You can’t read a blog post without the author telling you how clean their a...
New
First poster: joeb
The File System Access API with Origin Private File System. WebKit supports new API that makes it possible for web apps to create, open,...
New
First poster: dani
The pool of talented C++ developers is running dry. Highly sought after, rarely provided.
New
First poster: bot
Hector Martin (@marcan@treehouse.systems). Attached: 1 image For those wondering why the hell we need all this safety system stuff for...
New
CommunityNews
The Definitive PHP 7.2, 7.3, 7.4, 8.0, and 8.1 Benchmarks (2023). We tested the performance of 14 PHP platforms (WordPress, Drupal, Lara...
New
First poster: joni
My experience trying to write original, full-length human-sounding articles using Claude AI. You can use AI tools like Claude to help yo...
New
First poster: AstonJ
On the benefits of learning in public. Learning in public helps me grow as an engineer and seems to benefit others too. Here’s why I sho...
New
CommunityNews
Rendering Action Mailer emails with Phlex components and layouts: Clean, Composable, and Completely Ruby - Blog post by Camillo Visini
New

Other popular topics Top

Devtalk
Hello Devtalk World! Please let us know a little about who you are and where you’re from :nerd_face:
New
AstonJ
Or looking forward to? :nerd_face:
New
New
PragmaticBookshelf
Tailwind CSS is an exciting new CSS framework that allows you to design your site by composing simple utility classes to create complex e...
New
PragmaticBookshelf
Learn different ways of writing concurrent code in Elixir and increase your application's performance, without sacrificing scalability or...
New
DevotionGeo
The V Programming Language Simple language for building maintainable programs V is already mentioned couple of times in the forum, but I...
New
AstonJ
Seems like a lot of people caught it - just wondered whether any of you did? As far as I know I didn’t, but it wouldn’t surprise me if I...
New
rustkas
Intensively researching Erlang books and additional resources on it, I have found that the topic of using Regular Expressions is either c...
New
New
AstonJ
If you want a quick and easy way to block any website on your Mac using Little Snitch simply… File > New Rule: And select Deny, O...
New