Why iPhone owners should turn off AirDrop. Now.
Not everything Apple makes "just works" — at least not as intended, anyway. Security researchers exploring AirDrop, the iOS and macOS feature that lets users wirelessly share files via WiFi and Bluetooth, reported Wednesday on a flaw they say exposes users' emails and phone numbers. Unless you want every creep on the street to be able to secretly grab your contact info, it's a bit of a nightmare. The researchers, a team made up of members of the Secure Mobile Networking Lab (SEEMOO)and the Cryptography and Privacy Engineering Group (ENCRYPTO), claim they alerted Apple to the flaw in May of 2019. However, according to them, the company never responded. "As an attacker, it is possible to learn the phone numbers and email addresses of AirDrop users – even as a complete stranger," reads Tuesday's press release. "All they require is a Wi-Fi-capable device and physical proximity to a target that initiates the discovery process by opening the sharing pane on an iOS or macOS device." We reached out to Apple to confirm the findings and to ask if indeed it was alerted to the vulnerability in 2019. We received no immediate response. Notably, this is not the first questionable privacy situation tied to AirDrop. In 2019, researchers discovered that they were able to determine users' phone numbers based on the partial hashes AirDrop sends out. It's not clear if that concern was ever addressed by Apple, especially as the vulnerability disclosed this week appears similar in nature. "The discovered problems are rooted in Apple's use of hash functions for 'obfuscating' the exchanged phone numbers and email addresses during the [AirDrop] discovery process," explains Tuesday's press release. "However, researchers from TU Darmstadt already showed that hashing fails to provide privacy-preserving contact discovery as so-called hash values can be quickly reversed using simple techniques such as brute-force attacks." AirDrop is also notorious for its association with digital harassment. Specifically, harassers used the feature for cyber-flashing — wherein a stranger bombards a victim's phone with unwanted photos of a sexual or graphic nature — and sending images associated with white supremacists to people just going about their own business in public. Of course, you don't have to deal with any of this. If you'd rather avoid having your iPhone expose your contact info to creeps and protect yourself from cyber-flashers, you can turn AirDrop off (and disable Bluetooth while you're at it). SEE ALSO: Apple knows AirTags can be abused and is trying to get ahead of it It's not a permanent thing — you can always briefly turn AirDrop back on if you need it for some reason — but disabling the feature will provide you with some peace of mind, and hey, that "just works." Tweet may have been deleted
Tweet may have been deleted
Related Video: It's surprisingly easy to be more secure online
相关推荐
-
Abrar Ahmed returns as Pakistan names squad for second Test against Bangladesh
-
雨中行车 请注意……
-
Jacobs' back issue delays Kerley 100m 'challenge'
-
North Korea bristles at US talks on naval blockade
-
Newborns hit new low, but births to those unmarried reach record high: data
-
Moon, Trump agree to bring N. Korea to dialogue table through sanctions, pressure
- 最近发表
-
- A Journey Into the Mind of Stephen King
- Twitter exec teases possible major changes coming in 2020
- Sheryl Sandberg discussed 'Facebook lite' for kids in 2013, leaked messages show
- Let's face it: Flying cars are never going to be a thing
- The Apple iPod: Pocket Music Before That Phone
- Here's everything we know about the 'Call of Duty: WWII' story
- Roku thinks your remote needs a remote, so here's a new Apple Watch app
- North Korea bristles at US talks on naval blockade
- 高燃!哨响表停赛不止,2024广东“村BA”开赛在即,一分钟带你重温高光瞬间。
- Facebook users mistrusted apps with data long before Zuckerberg did
- 随机阅读
-
- We Bought the Cheapest DDR5 RAM Modules We Could Find, Are They Any Good?
- [News Focus] How likely is another Korean War?
- [Profile] Friend of ex
- Shah, Navin Paris
- Essential Apps to Install on your Windows PC or Mac
- Steve Buscemi dresses up as his own meme, immediately wins Halloween
- 雅上线通了!昨日恢复通车 比预计时间提前两天
- Fox News now has a racial discrimination lawsuit on its hands
- Blinken condemns Russia
- North Korea bristles at US talks on naval blockade
- Influencers aren't going anywhere. So what does that mean for today's teens?
- Handball Federation gets rid of bikini uniform rule after accusations of sexism
- Apple finally sends out payments for MacBook's butterfly keyboard settlement
- Chinese hackers infect carriers to steal SMS messages
- 江门奇榜村:现代化经营盘活资产,打造明星“土豪村”
- US senator calls for post
- 29 Dive Bars, Saloons, and Taverns Where the Vibe Is Unbeatable
- 10 porn set horror stories that double as life lessons
- Apple pulls iOS 13.2 update for HomePods after bricking devices
- Report claims Apple is teaming with Valve to develop its AR headset
- 搜索
-
- 友情链接
-