If you have an iPhone, we recommend that you disable the AirDrop function. In fact, researchers have found that hackers can easily recover your data through this feature. Apple has been aware of this flaw for two years, but has yet to implement a fix.
In the news: A team of researchers from the Faculty of Computer Science at Darmstadt Technical University in Germany discovered a major privacy leak in Apple AirDrop, the feature that allows users to easily share files over Wi-Fi. and Bluetooth.
What is AirDrop? AirDrop is a feature available on all Apple devices that makes it easy to share files, images, and videos between iPhone and MacBook, for example.
What about AirDrop? Since people only share files with people they already know, AirDrop only shows the contacts stored in your address book. To find out if another Apple user is a contact, Apple has developed an authentication mechanism that matches a user’s phone number and email address with entries in the other user’s address book.
- So for all of this to work, AirDrop needs to send your email address and phone number to your correspondent. The TU Darmstadt researchers then discovered that anyone can recover this data. All they need is to be there and have a device connected to Wi-Fi.
- The exchanged coordinates are protected by Apple using the hashing technique, but according to the researchers, these hashes can be quickly deciphered with so-called Brute Force which uses a lot of computing power.
- The team of researchers developed a more secure system themselves, which they called PrivateDrop. This system works with a new cryptographic protocol that must guarantee the confidentiality of user data. Their tests show that this system could work just as well as the existing AirDrop.
- Researchers have already warned Apple that AirDrop was flawed. Even so, the company has not yet acknowledged the problem and has not indicated that it will do anything to fix it.
What to do to protect yourself? The only thing you can do for now is avoid using AirDrop. It is best to disable the functionality entirely. To do this, go to Settings and then General. There you will find the menu dedicated to AirDrop.