A new security flaw in AirDrop's functionality has been discovered. Apple. This allows anyone with the right computer and software to access some important information, including phone numbers and Wi-Fi passwords.
AirDrop Security Failure Puts iPhones at Risk!
Firstly, the Hexway report states that users only need to have Bluetooth turned on. This is so that the transmission is a victim of this vulnerability. In fact, it can read that “just turn on Bluetooth to transmit a lot of device information. These include the name, whether Wi-Fi is in use or not, the version of the operating system that is running, and the battery information. ”
However, another piece of information in the report is that password sharing via AirDrop or Wi-Fi transmits a partially encrypted key that can easily be converted into a phone number.
In the case of a Mac, a static MAC address, which can be used as a unique identifier, is also sent in Bluetooth packets.
Hexway also shared a video that reveals this vulnerability in action. It is a fairly simple process for malicious users. With a simple proof of concept it was possible to gather information from dozens of iPhones and Apple Watches that were within reach. All it took was a simple computer and an accessory.
For now there is no great salvation for this problem. Thus, the only security measure that users can take against this failure is to turn off Bluetooth completely. Of course for many users this is not a nice solution. Many use headsets and other devices that have to communicate via bluetooth.
Whether Android or iOS, security issues are quite common. With so many systems and technologies in place, it is almost impossible to guarantee that all doors are closed. It remains now to Apple analyze this issue and release a fix soon. Usually when it comes to safety the apple giant doesn't play.