Privacy And Security

Apple's AirDrop Comes with a Security Flaw 1.5 billion users Data Breach

Prateek Gupta
Prateek Gupta
Login To Bookmark
  • Apr 24,2024
  • 2 min read
  • 14
  • 911 Views

According to a report, quoting researchers from Germany’s Technische Universitat Darmstadt, it has been revealed that any person can access Apple users’ email addresses and mobile numbers, despite being a stranger and it is done by just sharing pane on the device after the sharing process is initiated. Another reason is Apple’s rather weak hashing system despite the encryption of data. This can allow hackers to access people’s personal details.

Besides that, a weak hashing system of Apple further allows hackers to access personal details. Although this is quite concerning, users are only affected in specific circumstances. For one thing, anyone who has set their receive settings to Everyone is at risk.

Apple's use of hash functions for "obfuscating" the exchanged phone numbers and email addresses during the discovery process. However, researchers from TU Darmstadt already showed that hashing fails to provide privacy-preserving contact discovery as so-called hash values can be quickly reversed using simple techniques such as brute-force attacks.

The basic requirement to perform this is a stable Wi-Fi connection and the proximity between the two Apple devices. Apple has been notified by the researchers about the security flaw and a possible solution has been found out which is called PrivateDrop which is based on optimized cryptographic private set intersection protocols and allows for the secure transfer of files between users without any flaws. 

Possibility of happening

  • AirDrop uses a “mutual authentication” process to compare the phone numbers and email addresses of a possible receiver with that of the details stored in a user’s contact list.
  • The researchers found that the problem exists within the use of hash functions that exchange phone numbers and email addresses during the discovery process.
  • The researchers claim that a stranger can use the mechanism and its process within the range of an iOS or macOS device with the share panel open to obtain private information.
Previous post
Be alert from new Flubot malware
Next post
PUBG Mobile India Soon? Teaser was here

Related post

Card image
Privacy And Security
Biggest data leak: Aadhaar Personal data of 81.5 crore Indians on sale on dark web
  • avatar
    by Riya
  • Nov 05, 2023
Card image
Privacy And Security
Sudan-based hackers shut down X for hours demands for Starlink
Card image
Privacy And Security
Millions of Americans’ health data stolen after MOVEit hackers targeted IBM
  • avatar
    by Riya
  • Aug 16, 2023
Card image
Privacy And Security
Xiaomi System UI Software Crashes globally due to Android Mechanism Updates
Card image
Privacy And Security
Google Pay Glitch: Several Lucky Users Get Upto Rs. 88,000 Accidentally!!!
avatar
View Articles
I'm a Computer Science graduate, likes to do ordinary work in an extraordinary manner. I'm quite creative, a workaholic. I regularly used analyze new research, development, innovation by tech giants. I'm interested in Machine learning, Data Science along with research work applications on them & solving puzzles, quizzes.

0 comments

Leave a reply

Please Login or Register to Comment. Get Started

Share this article

Elancemart
Next post
PUBG Mobile India Soon? Teaser was here
Image