Researchers check bootstrap enrolment tech, suck teeth, whistle

Hackers can blow holes in Apple's managed service technology and sneak their own rogue devices onto corporate fleets of mobile iThings.

Weaknesses in Apple's Device Enrollment Program (DEP) allow the ne'er-do-wells to run targeted attacks on both the networks of the corporate shiny-shiny and the backend systems that support them, researchers at Duo Security warned.

DEP, for those unfamiliar, is a free service provided by Apple that facilitates Mobile Device Management (MDM) enrolment of iOS (iPhones and iPad), macOS (MacBooks), and tvOS devices.

More can be found here:

https://www.theregister.co.uk/2018/09/27/apple_mdm_insecure/