Configurator 1.4.1

Wakko
Contributor II

I'm linking this to article https://jamfnation.jamfsoftware.com/discussion.html?id=8483, this would be a continuation of sorts.

Also sup'd short for Supervised
AC short for Apple Configurator

So we started out by installing iOS 7.0.3 on an iPad right out of the gate. Once it was installed we sup'd the iPad and made sure that the "allow to connect to other macs …." was off. Sure enough when we connected to another machine, we got the warning on iTunes. So far so good.

Then we erased and reinstalled iOS 7.0.3. This time is was sup'd and the allow check box was checked. Now the message clearly states the following: "Devices can be connected to other Macs (PCs) to transfer photos and videos". That's all it states, right. Well when it was connected to another machine. We were able to transfer photos and music and apps as well. This could lead to some concerns. Next question, what if we backed up the iPad and restored back form the backup. So we tried it and AC still saw the device as sup'd. So far, so okay I guess.

Okay, this shouldn't work at all. So let's try it and find. This time we nuke'd and paved like before. Device was sup'd and it was not setup to be connected to another computer. Once the iPad was up, we tested it by connecting it to another computer. It prompted us right away, that it could not be used…… Now my colleague made an iCloud backup.
We put iPad in recovery mode once more and then reinstalled the iOS. Now he restores from the iCloud backup. iPad shows that it's sup'd. We connect to the Mac and it mounts, it allows to sync, pictures, music, video, everything. Even make a local backup if we wanted to. Now I take it and connect to my AC system and it reports that it sup'd and no flashing alerts are seen or generated. To let me know what it has been compromised. No bueno, muy malo.

We are writing this up for other people to test and confirm what we have seen. To think about how and when a user could try these steps to by pass security. Please let us know what you all find, we are extremely curious.

CarbonTechnologies

5 REPLIES 5

Wakko
Contributor II

The issue is still present in AC 1.4.1. We have submitted feedback via AC itself and bug reporter.

justinrummel
Contributor III

1.4.2 was JUST released today. Not sure if it fixes your issue...

Wakko
Contributor II

Sorry I meant 1.4.2 it's still there.

plawrence
Contributor II

@Echevarria

Is this your current workflow?

Supervise an iPad (with 'Allow devices to connect to other Macs' unticked)
Wipe the iPad
Restore from an iCloud backup
iPad is still supervised, but now it can connect to a Mac via USB

Is it possible that you connected this iPad to the same Mac that you used when you had previously Supervised the iPad with 'Allow devices to connect to other Macs' ticked? Perhaps something is stored on that computer that now trusts that specific iPad?

Wakko
Contributor II

@ plawrence

Correction on the workflow

Supervise an iPad (with 'Allow devices to connect to other Macs' unticked)
Backup iPad to an iCloud account
Wipe the iPad ( on another computer via DFU mode)
Restore from an iCloud backup
* iPad is still supervised, but now it can connect to a Mac via USB

So we purposely used to different laptops. Laptop A supervised the iPad. Laptop B was the test machine to see how it reacted. We connected iPad to Laptop B and got the warning that it supervised. Once iPad was setup, we logged into a test iCloud account we created. We backed up the iPad. My colleague then put the iPad in DFU to wipe the iPad via iTunes on Laptop B. Once iPad was restored he logged into iCloud and restored form the backup. Everything came back down to the device. Much like it was before. However this time when he connected the iPad to his machine it mounted in iTunes. He was able to backup the device, sync App's, music, etc. I then took the iPad and plugged in my machine Laptop A. Apple Configurator did not warn me that anything was wrong with the device. The iPad still showed up as a supervised device as well.

Hope that his answers your questions. Let me know if you have any other. I'm curious to see if other people can re-create this as well.