| While it could be said that the user shouldn't be mixing a "home" keychain (iCloud) account on a "work" machine, perhaps their work have a BYOD policy, and/or perhaps a policy of using Keychain for work-related password storage, and since iOS doesn't allow the use of multiple user accounts even on their so-called "Pro" devices (hello, Apple? It's 2022!) maybe they don't really have a choice. But I think that whole argument is beside the point, because the real issues as pointed out are: - one network used on one device shouldn't necessarily mean that it's suitable for *all* the user's devices [1] - but more importantly: syncing of Wifi network should only be a convenience; actually connecting to a synced-in Wifi network should only happen by explicit user action, and the 'auto-join' feature should never, ever sync across devices (it should only ever be a device-specific setting), defaulted to off when synced in via iCloud Keychain sync. [2] That second point is what I also believe to be a security risk. Yeah, sure, it's a "feature", but with what I feel is a massive security risk. [1] https://twitter.com/MCSeb/status/1590722905876619265 [2] https://twitter.com/MCSeb/status/1590723613824806912 (though I think OP misunderstood the System Preferences settings on 'auto join') |