1. Home
  2. Tech
  3. Alert! Apple AirDrop security flaw can expose data of 1.5 billion users

Alert! Apple AirDrop security flaw can expose data of 1.5 billion users

By Saima Siddiqui 
Updated Date

California: Apple’s one of the most popular feature, AirDrop, garnered eyeballs at its launch due to its interesting feature that enables iPhone users to share content among two Apple devices. However, it has now been reported that Apple’s AirDrop feature can potentially expose all the private data such as email address and phone number of a user to anyone who is in Wi-Fi range.

Also Read :- Apple stops accepting debit, credit cards for app purchases, subscriptions in India

The flaw, found by researchers at Technische Universitat Darmstadt, a German university suggests that simply opening an iOS or macOS sharing panel could expose personal information to people in range. This could reportedly happen even without initiating a file transfer and can expose a significant risk.

The Trusted Reviews, who first reported on this flaw, said that the researchers at the University (Technische Universitat) raised this issue with Apple back in 2019 but the company hasn’t fixed it yet. They said that the issue lies in the weak hashing of phone numbers and email addresses associated with the Apple user. “All strangers need to do is be in the vicinity in order to snoop,” the report said.

Their report also cited a press release from the Secure Mobile Networking Lab (SEEMOO) and the Cryptography and Privacy Engineering Group (ENCRYPTO) as saying, “As an attacker, it is possible to learn the phone numbers and email addresses of AirDrop users – even as a complete stranger. All they require is a Wi-Fi-capable device and physical proximity to a target that initiates the discovery process by opening the sharing pane on an iOS or macOS device.”

The problems, according to the report lie in Apple’s use of hash functions. However, the researchers from TU Darmstadt already showed that hashing fails to provide privacy-preserving contact discovery and has values can be reversed using simple techniques.

Also Read :- Awesome deal for iPhone SE: How to get the new iPhone SE 3 for just Rs 28,900

This flaw could potentially lead to a data breach of over 1.5 billion Apple users and can further cause security issues.

Primarily, there are two reasons behind this security flaw. First and foremost is the process of finding contact and the next is AirDrop uses a “mutual authentication” process to draw a comparison between the phone numbers and email addresses of a possible receiver.

How to protect yourself

The basic requirement to perform this is a stable Wi-Fi connection and the proximity between the two Apple devices.

To avoid these attacks set your AirDrop to “Receiving Off” on an iPhone or iPad, and to “Allow me to be discovered by No One” on a Mac.

Also Read :- Apple may soon start selling iPhones through lease-like monthly subscriptions

The researchers, however, said that the only way to avoid falling prey to this flaw is to stop using AirDrop, at least till a time Apple issues a fix.

Further reading:
For the latest news and reviews, follow us on Facebook, YouTube and Twitter पर फॉलो करे...