According to a recent report, Apple has been aware of the security vulnerability in AirDrop since at least 2019. The vulnerability allows attackers to obtain the phone numbers and email addresses of individuals transferring files via AirDrop. China, in particular, has been able to exploit this vulnerability to identify individuals distributing anti-government materials.
Cracking the AirDrop Encryption
To crack the AirDrop encryption, a Chinese state-backed institute reportedly utilized a process called “sharingd,” which contains a sub-process named “AirDrop.” By analyzing the console log data during a file transfer, researchers discovered that hash values for email and phone numbers are stored in the “AirDrop” sub-process. While cracking the hashes may not have been accomplished by the researchers, it is speculated that China was able to decipher them easily, especially considering that phone numbers consist only of digits.
Apple’s Response and Security Warnings
Security researchers have been warning Apple about the risks associated with encoding and sharing phone numbers and email addresses since 2019. However, Apple’s response to these warnings has been lacking, and the vulnerability remains unresolved. One of the reasons for this could be the challenge of maintaining backward compatibility with older devices when implementing a more secure version of the AirDrop protocol, such as the proposed PrivateDrop protocol by Alexander Heinrich and his team.
In conclusion, the revelation that Apple has been aware of the AirDrop vulnerability for several years raises concerns about their commitment to user privacy and data security. It is important for technology companies to prioritise the timely resolution of such security flaws to protect user information and maintain trust in their products.