Monday, May 17, 2021

Apple’s AirDrop flaw could expose users’ data, warns experts

Must Read

Apple may unveil the AirPods 3 and Apple Music HiFi on May 18

Apple is expected to unveil the AirPods 3 and Apple Music HiFi music on May 18. Apple will not...

Battlegrounds Mobile India pre-registration will start on May 18 on the Google Play store.

PUBG mobile game's Indian version Battlegrounds Mobile India pre-registration will start on May 18 on the Google Play store. The...

Samsung Galaxy A22s 5G may come with MediaTek Dimensity 700 SoC and full HD+ display

The Samsung Galaxy A22s 5G has been spotted in both the Google Play Console and the Google Play Supported...

Apple’s AirDrop flaw could expose users’ data such as phone numbers and email addresses, warns security experts.

Researchers from Germany’s the Technical University of Darmstadt discovered a vulnerability that could affect any Apple user who uses AirDrop to share files.

The researchers discovered that the issue is caused by the use of hash functions, which share phone numbers and email addresses during the discovery process.

While this is worrying, users are only compromised in certain situations. For starters, User who set receive settings to Everyone is vulnerable.

However, even if your settings are set to Off or Contacts Only, the researchers warn that if you have your share sheet open with AirDrop (where your computer is searching for other devices to connect), you are at risk.

The vulnerability was outlined in a paper by the researcher’s group, which included five experts from the university’s Secure Mobile Networking lab and the Cryptography and Privacy Engineering Group.

According to the paper’s descriptions, there are two distinct ways to manipulate the flaws. In one example, the intruder may gain access to the user information if they are nearby and open the sharing sheet or share menu on their iPhone, iPad, or Mac.

In the second example, however, the attacker may open a share sheet or share menu on their computer and then search for a nearby device to execute a mutual authentication interaction with a responding receiver.

AirDrop is Apple’s patented wireless technology that was launched in 2011 and is used for wirelessly sharing files such as images and videos through iOS, iPadOS, and macOS computers.

It establishes a wireless link and exchanges files using both Wi-Fi and Bluetooth. However, the shared authentication method used by AirDrop can be exploited to steal a user’s phone number and email address. Security experts have also alerted Apple in 2019 also.

AirDrop is a preloaded service on over 1.5 billion Apple devices, all of which are reportedly vulnerable due to the bug discovered by the researchers.

At the time of publication, Apple had not responded to a request for comment on whether it was working to resolve the issue.

iPad Pro with Apple M1 processor, Mini LED display launched: price starts at Rs. 71,900 in India

This is not the first time that AirDrop has been discovered to have a security flaw. In August 2019, it was discovered that the service had a flaw that enabled attackers to access information.

 

- Advertisement -

LEAVE A REPLY

Please enter your comment!
Please enter your name here

- Advertisement -

Latest News

Apple may unveil the AirPods 3 and Apple Music HiFi on May 18

Apple is expected to unveil the AirPods 3 and Apple Music HiFi music on May 18. Apple will not...
- Advertisement -

More Articles Like This

- Advertisement -