Apple users relying on the AirDrop feature need to remain cautious while using this feature. Researchers from the Technical University of Darmstadt have discovered a serious security vulnerability in the Apple AirDrop feature.
AirDrop is an innate technology in Apple devices that facilitates users to share data with nearby devices wirelessly. This feature works on Bluetooth and WiFi and allows sending even large files to devices within the range.
While AirDrop provides convenience, it also potentially exposes users’ personal data to others over the air due to the bug.
Apple AirDrop Vulnerability Found
As described on a dedicated website, the researchers found two main issues due to the Apple AirDrop feature. One of them exposes the sender’s details, whereas, the other exposes the receivers’ data.
Specifically, the problems exist because of faulty hashing of contact identifiers during AirDrop connections. Since it’s possible to reverse the hash values, a malicious sender or receiver can easily know the phone number and email address of the other contact.
Explaining the exposure of sender’s details, the researchers stated,
During the AirDrop authentication handshake, the sender always discloses their own (hashed) contact identifiers as part of an initial discover message. A malicious receiver can therefore learn all (hashed) contact identifiers of the sender without requiring any prior knowledge of their target.
For this, a malicious receiver simply has to wait for a sender to scan for available AirDrop receivers. This is particularly dangerous at public hotspots where a sender may end up exposing personal data to complete strangers.
Similarly, a malicious sender may collect the information from a target receiver.
AirDrop receivers present their (hashed) contact identifiers in response to the discover message if they know any of the sender’s contact identifiers (e.g., if the receiver has stored the sender’s email address). A malicious sender can thus learn all contact identifiers (including the receiver’s phone number) without requiring any prior knowledge of the receiver – if the receiver knows the sender.
Although, this type of exposure doesn’t involve strangers. However, a known sender may easily exploit this issue even without knowing the receiver. As the researchers explained,
A popular person within a certain context (e.g., the manager of a company) can exploit this design flaw to learn all (private) contact identifiers of other people who have the popular person in their address book (e.g., employees of the company).
‘PrivateDrop’ Available As Workaround
The researchers found the security issue back in 2019. They reported the matter to Apple right then. However, until April 20, 2021, Apple hasn’t assured of a fix.
It means that the current Apple users with AirDrop on their devices remain vulnerable.
However, to protect the users, the researchers have developed and open-sourced a safer alternate – PrivateDrop. Interested users may find it on GitHub where the researchers have shared details about its setup.
The team has shared more details about the whole issue in a white paper. They will present this research at the upcoming 30th USENIX Security Symposium (USENIX Security’21).