scorecardresearch
Follow Us:
Thursday, May 13, 2021

Apple AirDrop flaw could expose personal info to anyone in Wi-Fi range

A newly reported flaw in Apple’s file-sharing AirDrop service can expose details like phone numbers to any other user in Wi-Fi range. Read on to know more.

By: Tech Desk | Mumbai |
Updated: April 26, 2021 9:08:49 am
Apple, AirDrop,The researchers say that 1.5 billion users could be vulnerable to the AirDrop vulnerability. (File)

A new report by researchers at a German university suggests that the Wi-Fi and Bluetooth powered Apple-to-Apple data transfer tech could expose your phone number and email address to a stranger who is in Wi-Fi range. All the stranger would need to do is be in range.

Technische Universitat Darmstadt researchers suggest that simply opening an iOS or macOS sharing panel could expose personal information to people in range. This could reportedly happen even without beginning a transfer for third parties and can expose a “significant security risk” they said, as per a report by Trusted Reviews.

“As an attacker, it is possible to learn the phone numbers and email addresses of AirDrop users – even as a complete stranger. All they require is a Wi-Fi-capable device and physical proximity to a target that initiates the discovery process by opening the sharing pane on an iOS or macOS device,” Secure Mobile Networking Lab (SEEMOO) and the Cryptography and Privacy Engineering Group (ENCRYPTO) said in a press release.

“The discovered problems are rooted in Apple’s use of hash functions for “obfuscating” the exchanged phone numbers and email addresses during the discovery process. However, researchers from TU Darmstadt already showed that hashing fails to provide privacy-preserving contact discovery as so-called hash values can be quickly reversed using simple techniques such as brute-force attacks,” the report added.

How can you stay safe from the vulnerability?

The researchers say that 1.5 billion users could be vulnerable to the issue. However, Apple hasn’t acknowledged the problem yet. For now, the researchers suggest that the only way for users to keep themselves safe from the vulnerability is to completely turn AirDrop off.

📣 The Indian Express is now on Telegram. Click here to join our channel (@indianexpress) and stay updated with the latest headlines

For all the latest Technology News, download Indian Express App.

  • The Indian Express website has been rated GREEN for its credibility and trustworthiness by Newsguard, a global service that rates news sources for their journalistic standards.
Advertisement
Advertisement
Advertisement
Advertisement
x