
Potential iOS flaw – auto download apps bypasses device restrictions - jonisykes
I have just discovered that several iPhone only apps have been downloaded to my iPad using the automatic download feature from iCloud. 
For example I was able to use WhatsApp and Fiverr on my iPad. 
Any potential for bypassing other restrictions with this?
======
floatingatoll
You’re required to PIN, Touch/FaceID, and/or enter iCloud password simply to
purchase an app, even when it’s free, unless you specifically set otherwise in
your device settings. What attack do you envision that would be possible here
that doesn’t require an attacker already in possession and full control of
your iCloud-linked device?

------
jonisykes
Not sure how much of an issue it is since you can legitimately download iPhone
only apps to iPad through App Store, but the fact that auto download does it
for apps that aren’t supported on iPad is curious. Such as WhatsApp for
example, that does not work on my iPad, yet it was auto-downloaded.

