Slashdot Mirror

← Back to Stories (view on slashdot.org)

iOS 9.3 Will Tell You If Your Employer Is Monitoring Your iPhone (mashable.com)

Posted by yaelk on from the are-you-being-watched dept.

An anonymous reader writes: Nobody likes being monitored. But even if you suspected your company is following your activities on the iPhone, would you know where to check? In the next iteration of its smartphone operating system, iOS 9.3, Apple is looking to make this an easier task. According to Reddit user MaGNeTiX, the latest beta of iOS 9.3 has a message telling users their iPhone is being supervised. The message is as prominent as can be, both on the device's lock screen and in the About section. "This iPhone is managed by your organization," the message on the lock screen says. And in the About screen, you get a little more detail, with a message saying your iPhone's supervisor can monitor your Internet traffic and locate your device.

24 of 137 comments (clear)

  1. You should already assume this by JeffOwl · · Score: 4, Informative

    My employer already has a notice on the lock screen about monitoring, but even if they didn't, anyone who has a device managed by their employer should assume it is being monitored unless proven otherwise.

    1. Re:You should already assume this by tlhIngan · · Score: 2

      Bottom line is - Who bought that iPhone? If it's you, then yeah, your employer has no business touching your phone w/o your consent. But if it's THEM - like it was for Syed Farook, then not only do they have all rights, but YOU should NOT be using it for non-work purposes.

      It's not so simple though.

      Yes, if it's the employer's phone, it'll be monitored.

      But remember, a lot of people are in the whole "BYOD" (bring your own device) thing where they may not even realize this is happening. So yes, the employees are consenting, but they may not realize just the extent of the consent they've given.

      it's a very tricky topic since when you leave, they could remote-wipe your phone

  2. You should but how many will? by SuperKendall · · Score: 5, Insightful

    Sure it's obvious to technical people like us that a company issued phone is going to be monitored and administered remotely.

    But how many non-technical people would know enough to assume that? It's for those people the prominent message can help them think twice before doing something with the company device they may regret later,

    If you think about it, it's even helpful for technical people - because as you say, a technical user would assume a company phone would be monitored and controlled. So if you do NOT see this message on a company device you can ask your IT staff why the hell they are not using MDM to control the devices.

    --
    "There is more worth loving than we have strength to love." - Brian Jay Stanley
    1. Re:You should but how many will? by unixisc · · Score: 2

      Why does one have to be technical in order to figure out that what s/he does on a company issued phone can be monitored by the employer? This much should be common sense, shouldn't it?

    2. Re:You should but how many will? by SirSlud · · Score: 4, Insightful

      If people had common sense, they wouldn't keep assuming things are common sense.

      --
      "Old man yells at systemd"
    3. Re:You should but how many will? by mccrew · · Score: 2

      ... on a company issued phone ...

      Not just company issued phone. If you set up your personal device to check work mail, then it becomes subject to company policies, and is subject to monitoring and vulnerable to remote wipe. And the remote wipe clears the whole enchilada - your personal mail, your photos, your texts, everything - regardless whether it was corporate data or not. That part is not really obvious, and more people would care if they understood the full implications of checking work e-mail on their personal device.

      --
      Hey, Windows users, there is no such thing as "forward" slash, there is only slash and backslash.
    4. Re:You should but how many will? by SeaFox · · Score: 2

      This much should be common sense, shouldn't it?

      "Common sense" is another phrase for "knowledge it's assumed everyone has".
      You're overestimating the intelligence of people -- even those in jobs posh enough where the company gives you a cell phone.

    5. Re:You should but how many will? by unixisc · · Score: 3, Interesting

      This one I agree w/ you.

      I have 2 phones. One purely for personal use, another purely for work use (not issued by any employer, so b/w jobs, I keep using it for job searches & the like). My family doesn't know the number of the latter. My colleagues don't know the number of the first.

      If any employer needed me to BYOD, I'd take the latter and let them do what they wanted w/ it. My personal photos & stuff wouldn't live there. That way, I leave one phone at risk, while playing merrily w/ the other. I have reset this several times, and will.

    6. Re:You should but how many will? by NormalVisual · · Score: 4, Interesting

      I had a bit of a row with management a couple of years back over this. They wanted me to install Outlook on my personal phone, and I refused because of the remote management capabilities. I don't care who you are, it's not your phone and I'm not going to give you the ability to remote wipe it, monitor me, have access to passwords, etc. If it's important enough that I need to be able to be contacted via cell phone, then give me a company phone expressly for that purpose and don't be surprised if it gets left at home when I go out.

      --
      Please stand clear of the doors, por favor mantenganse alejado de las puertas
    7. Re:You should but how many will? by SuperKendall · · Score: 2

      If you are given company pencil or pad of paper would you assume it is monitored? How is a tablet substantially different to a truly non-technical user, like a salesperson or secretary?

      The point is some people truly have no idea what is possible, and/or are very naive.

      --
      "There is more worth loving than we have strength to love." - Brian Jay Stanley
    8. Re:You should but how many will? by castionsosa · · Score: 2

      Exchange/ActiveSync can be configured to have various policies be placed on one's device before it allows the device to download/sync mail.

      One way to get around this is to use the Outlook app, or on Android, one of the other Exchange programs like Nine, Touchdown, RoadSync, or others, where if the organization decides to wipe the phone, just the app's data gets erased, not your entire device.

      There used to be a company called Divide which made a decent product that was good at separating work stuff from one's usual items on a phone, but that disappeared into Google a few years ago. Ideally, it would be nice for virtualization to hit phones, so the work stuff can sit in a VM, well away from malware and other items that might get on a BYOD item.

  3. Even better by PPH · · Score: 4, Interesting

    Include an alert if your phone has negotiated an unencrypted connection with the nearest "cell tower" (aka Stingray). Like my Motorola Razr v3 does.

    --
    Have gnu, will travel.
    1. Re:Even better by PPH · · Score: 2

      It's a feature of the phone. There is an icon on the screen which displays the status of the link encryption. Since one mode of IMSI catcher operation is to negotiate an unsecured connection with a phone, it's an indication that you might not be talking to a legit cell phone tower.

      --
      Have gnu, will travel.
  4. How about tell us WHEN by shaitand · · Score: 2

    Instead of advising us our phones are monitored, which we already know, the device informs us when anyone actively uses these functions, especially remote access to the cam/mic. Locate notification should be an option but in practice many organizations would simply have automatic logging of this data and it would trigger every few minutes.

  5. There's always a workaround... by __aaclcg7560 · · Score: 3, Interesting

    I worked at a company where the management team got very insecure about their positions and thought that the regular employees were out to get them. So they got a program to remotely monitor desktops. One morning my manager came running over to my cubicle to inform me that I wasn't allowed to look at Amazon on company time. And then he discovered that I had a breakfast burrito from the roach coach in hand, which meant I was on my break and I'm allowed to look at the Internet on my break time. So I told him to bugger off. Since the company next door had an open wireless access point, many of my coworkers used their PDA's to browse the internet to avoid using their PCs.

  6. Re:can they get in to your phone with out your pin by b0bby · · Score: 3, Informative

    They can get into *their* phone, which they are letting you use, without your pin if they are doing it right.
    They can't get into *your* phone, which you bought yourself and manage yourself, without your pin.

    IOW - If your employer provides you with a phone, it's not really yours.

  7. To access their network by sjbe · · Score: 5, Insightful

    Why would someone let your employer monitor YOUR iphone?

    The employer may require it as a condition of letting you attach your device to their network. You don't have to let them monitor your phone but they don't have to let you access their network with it either.

    1. Re:To access their network by SeaFox · · Score: 5, Insightful

      Why would someone let your employer monitor YOUR iphone?

      The employer may require it as a condition of letting you attach your device to their network. You don't have to let them monitor your phone but they don't have to let you access their network with it either.

      Yup. Bring Your Own Device is just corporate new-speak for "externalizing equipment costs to our employees".

    2. Re:To access their network by Anonymous Coward · · Score: 3, Interesting

      Our company does this. Recently they have been thinking about instituting a policy that you can only have corporate mail on it - no gmail, outlook.com, comcast, yahoo, whatever other email. Add on their 8 digit PIN requirement and it really comes down to "I just bought the company a phone" if you are foolish enough to BYOD...

  8. Re:What? by wardrich86 · · Score: 2

    If you're on their network, it's fair game.

  9. Re:can they get in to your phone with out your pin by __aaclcg7560 · · Score: 2

    Geez, the phone was not issued or owned by the FBI, it was owned by a county.

    The FBI ordered the county technician to change the iCloud account password, doing the exact opposite of what Apple told them to do. In short, FBI stands for Fumbling Bumbling Idiots.

  10. Re:What? by Just+Some+Guy · · Score: 2

    Why would someone let your employer monitor YOUR iphone? I could see if they supplied it but not if it is mine.

    A previous employer told me I'd have to let them install some way-too-creepy MDM rootkit on my personal phone if I wanted to access corporate email from it. I asked if I'd be reimbursed for turning it into company hardware. When they said no, I explained that I would not be reachable from my personal phone so not to bother emailing or messaging me after hours. That is, if the situation didn't warrant them picking up a phone and calling me, then it could wait until the next business day.

    They were surprised because that wasn't the standard answer, but I stuck to my guns. It's bad enough when you expect me to be available for routine work (not emergency! I'm always available for that!) at home on my own time, but you want to co-opt my personal equipment to enslave me to a virtual, omnipresent desk? No thanks.

    --
    Dewey, what part of this looks like authorities should be involved?
  11. Re:Your device + their network = monitoring by saigon_from_europe · · Score: 2

    My employer has very simple solution for this. Only company's equipment allowed on Ethernet and Wi-Fi. But there is also a parallel WiFi network for guests and employees' private devices. Easy to implement, the best of both worlds.

    --
    No sig today.
  12. Re:This evil crap is also installed on user owned by narcc · · Score: 2

    The iPhone was many things, but useful it was, most assuredly, not. The lack of basic features like task switching and copy/paste put it well behind the competition on that front. It's why BBs outsold iPhone and Android handsets for years after you inexplicably believe they "bombed".

    They're still leagues ahead of iOS and Android when it comes to management, privacy, security, and usability.

    --
    Required reading for internet skeptics