Hi,
I’m curious about security vulnerabilities in configuration profiles. I know it’s possible profiles can contain malware but if they’re verified profiles from a verified developer, can they still contain malware?
Does Apple have some sort of security check for profiles to make them appear as verified?
Thanks for any answers or guesses
That depends who verified the developer. The only profiles you should install are enterprise app profiles from a company you are associated with that have been verified by Apple.
You should not install a profile just to use a 3rd party app; any app that can’t pass Apple’s review for inclusion in the App Store it likely to contain spyware or other malware. It’s easy to get an app that meets Apple’s security and privacy standards approved, witness that fact that 2 million apps have met this test.
That depends who verified the developer. The only profiles you should install are enterprise app profiles from a company you are associated with that have been verified by Apple.
You should not install a profile just to use a 3rd party app; any app that can’t pass Apple’s review for inclusion in the App Store it likely to contain spyware or other malware. It’s easy to get an app that meets Apple’s security and privacy standards approved, witness that fact that 2 million apps have met this test.
Verified & Unverified Configuration Profiles on iOS
