What could possibly go wrong?
- Nov 7, 2020
It all begins with a sushi restaurant that leverages iPads in Guided Access Mode (GAM) for food ordering. The basic idea is to tap, order and then stroke the robot when it delivers the food. What could possibly go wrong, you might ask...
Mistake 1: The waitress tells you the iPad unlock code because, of course, the iPads go to sleep.
Mistake 2: The unlock code is also the code to get out of GAM.
Place a teenager at the scene and of course the teen gets the iPad out of GAM and starts taking selfies with a view to replacing the background. Funny, but too much chance of being caught... so said teen AirDrops a fun image to the iPad and replaces the background.
It doesn't end there because the iPads are on a wireless network - one that is not the network being offered to customers.
So... how can you get another device to join the network? The teen was not sure but a more experienced person was; Apple makes it wonderfully easy to share Wi-Fi passwords! (Caveat: the password can apparently only be shared from a device into which the password was typed, which is actually good thinking from Apple.)
And so there's a new iPhone on the network. Running Fing. Discovery is a wonderful thing...
The barrier to entry in the network is not significant - and on that network you will now find things such as: Sonos speakers for the restaurant and office, the sushi delivery robot (all interesting for the Rickrolling teen) and (for a real attacker) all of the PoS devices plus the office computers.
It's a real shame that the barrier to self-entry and setup for these things is so low because it really could end in tears.
I am sure they are not alone. The question is whether they need to be told about this and how it can be done... or if I would want to be the one.