Skip to main content
  1. Home
  2. Mobile
  3. News

Researchers find a scary data vulnerability in Apple’s AirDrop

By

Hackers can tap into AirDrop data and pull your phone number or your email address. This issue has been known since 2019 and has yet to be patched or acknowledged by Apple, though it impacts almost 1.5 billion Apple devices today.

According to a report from security researchers at Germany’s Technical University of Darmstadt, the core of this issue is the way in which AirDrop shares files between Apple devices using the address book and contacts list as an option by default. Per the researchers, since AirDrop leverages “a mutual authentication mechanism,” to compare phone numbers, as well as email addresses, a hacker can easily intercept this information using “a Wi-Fi-capable device” that is nearby to an Apple user sharing through MacOS, iOS, or iPadOS via AirDrop. A proof of concept attack can be found on GitHub.

Recommended Videos

This can be done even if the hacker isn’t in the user’s address book or contacts list. It happens both ways, via Sender Leakage, as well as Receiver Leakage, according to the researchers.

Related

Apple does try to protect the exchanged phone numbers and email addresses via “obfuscating,” but security researchers have found that it does not prevent the reversing of hash values. These can be “quickly reserved,” according to security researchers, through brute force attacks.

The researchers at the Technical University of Darmstadt have developed “PrivateDrop” which can replace AirDrop’s flawed design. This solution is reportedly based on optimized cryptographic private set intersection protocols.

This means it can complete exchanges between certain devices without exchanging the hash values that could otherwise be interpreted. This all can occur with a delay time of around a second. This project is available on GitHub, for those interested in the research behind what went into developing it.

Since Apple hasn’t yet officially released a fix, you can try to avoid using or completely turn off AirDrop if you are concerned. To do this on an iPhone or an iPad, click Settings > General. From there, tap AirDrop > Receiving Off. On MacOS, you can turn off AirDrop by clicking to the Control Center next to the date and time, choosing AirDrop, and then toggling the switch to Off. Additional details are available via Apple if you wish to learn more about AirDrop on MacOS.

Editors' Recommendations

Topics
Arif Bacchus
Arif Bacchus
Computing Writer
Arif Bacchus is a native New Yorker and a fan of all things technology. Arif works as a freelance writer at Digital Trends…
I hope Apple brings this Vision Pro feature to the iPhone
A concept of spatial FaceTime from Apple Vision Pro mixed reality headset running on iPhone.

Digitally crafted alternative realities can be exciting or discomforting, based on how you envision them. But Apple, among other companies invested in AR- and VR-dominant future, clearly wants you to focus on the bright side. That's why Apple spent a substantial chunk of time at its WWDC 2023 developer conference to highlight the various features of the Apple Vision Pro — Apple's extravagant new mixed reality headset.

As per Apple's surefooted narrative at the event, the Vision Pro delivers us into a new era in computing and pushes beyond the boundaries of fixed displays. The promotional walkthroughs easily convince us the headset is both visually and functionally unique in many ways.

Read more
Have an iPhone, iPad, or Apple Watch? You need to update it right now
iPhone 14 Pro Max against a red background.

If you own an Apple product — be in the iPhone, iPad, Apple Watch, or a Mac — you should update it immediately. Why? Apple has begun rolling out updates to all of its devices with fixes for a serious security vulnerability.

The security vulnerability is known as CVE-2023-32434, and it has to do with the kernel privileges of Apple devices. Per Apple's website, the vulnerability allows third-party apps to "execute arbitrary code." In other words, if a bad actor knows how to exploit this vulnerability, they could potentially gain access to your Apple device and wreck havoc.

Read more
Apple may soon eliminate the notch from your Mac and iPhone
An Apple MacBook laptop with the macOS Ventura background wallpaper and the notch seen at the top of the display.

So many Apple devices have the divisive notch cutout these days that the feature has almost become its own brand, yet it continues to stir disapproving glances and attempts to hide it wherever it's seen. Apple could now be on the brink of eliminating it for good.

That’s because the company recently filed a patent in Europe outlining how future Apple devices, from Macs to iPhones, could do away with the notch once and for all, giving you a borderless experience that’s unbroken around the screen. It’s a grand idea, and Apple thinks it knows how to make it work.

Read more