Thursday, February 23, 2023

Wi-Fi Sync Spyware


There is a little-known feature on all iOS devices called ‘WiFi Sync’, which essentially allows for a backup of the device to regularly be downloaded onto a nearby computer over a WiFi connection.


Unfortunately, this ease of set up and lack of maintenance makes it the perfect target for spyware providers and cyberstalkers. The solution offered by spyware providers requires the stalker to have access to their target device to set the connection up, but after that the target device will provide a full backup to a computer using the same WiFi network. An application on the computer then reads the backup and packages up all the information into a clear report for the stalker.

Nothing needs to be installed onto the phone itself, which makes it very difficult to detect. As far as the phone is concerned, it is just performing a routine backup.


Historically you could perform a simple check in the Settings app on the phone to see if WiFi Sync was enabled (and therefore if you may be a victim of this type of spyware). It would even display the name of the computer that your iOS device was set up to sync with. However, in iOS 13 and all subsequent updates, Apple has removed this information from the Settings app, making it extremely difficult to tell if it is enabled.

Via Nick Heer:

It is also not new — the vulnerabilities of Wi-Fi syncing have been known since at least 2018.

That information does little to ameliorate these abuses, however.


The only way to know if an iPhone has Wi-Fi syncing turned on is by checking in Finder on the trusted Mac, or in iTunes on a Windows PC. If Apple is not retiring this feature, it should be possible to see if an iPhone has Wi-Fi syncing enabled on the phone itself.


4 Comments RSS · Twitter · Mastodon

Ever since Apple introduced the need to confirm each local backup (WiFi or USB) by typing the passcode on the iPhone, this vulnerability is a moot point. Maybe Apple introduced this "feature" for exactly this reason. But it also made local backups a drag. And it leaves iCloud as the only automated, in-the-background backup solution. Fortunately, Apple released ADP around the same time and now iCloud backups are a valid option for me again.

@Michèl Needing to enter the passcode helps, but I don’t think it makes this a moot point. There’s a difference between knowing the passcode at a point in time and having continual, silent access to the phone’s data.

@Michael I don’t think I understand your comment. Are you pointing out that while making new backups requires a passcode, an attacker might still have an older copy of your data? Or that the passcode requirement is insufficient when the attacker knows the passcode?

@Ben I was just confused. After rereading, I think Michèl is right and that the Certo article is misleading for not mentioning this mitigation in iOS 16.1.

Leave a Comment