Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Researchers Discover AirDrop Security Flaw That Could Expose Personal Data to Strangers
- Thread starter MacRumors
- Start date
- Sort by reaction score
And that is the SIMPLE process. Why is this even news?
I think the glaring security hole is that people can text photos of whatever they want to others, which is a problem in crowds. On a flight the other day a passenger was livid that he accepted an inappropriate photo!
Why. Most here will explain why they shouldn’t have fixed. I’m mean come on Apple does no wrong
and all to obtain someone's phone number and email address?
Because there’s really very little “security” news that’s even worth reporting, but the researchers still need attention and validation. But, their reports are of the sort that remind me my home has a security hole in that my chimney provides access to my house once you tear down the external facing wall. However, very few people are concerned by or will do anything about this vulnerability. My garage door? COMPLETELY vulnerable to a brute force attack by a tank. Why won’t garage door manufacturers DO anything about this?
Not always. There a lot of security issues that researchers find, but were patched in prior .x or .x.x updates. But, yeah, kinda seems like it sometimes takes publicity for tech companies to finally get in gear.
I still wish AirDrop would let you pick specific users (akin to the Favorites list in the phone app) to allow for discovery as well as eligible recipients. There are plenty of people in my Contacts list that I'd never send or receive data to, outside of a phone call or iMessage.
It’s AirDrop, not Handoff. The latter is used by ONE user to transfer control or data between multiple devices that are already in their control (and logged into).
AirDrop allows TWO different users logged into TWO devices under their own control to share data. Hence the need for authentication.
And the attack vector is super specific... a black hat *physically nearby* has to try to grab your data while you initiate the AirDrops (and I would guess most AirDrops are small things: a contact card, a photo, a doc... all which take seconds to transfer), and THEN brute force the hashes... for what? A bit of stolen PII?
Yes, it’s *possible* for someone to do this... but *probable*? Naahh. Which is why Apple hasn’t prioritized it. In risk management you have to prioritize the risks by probability and impact... this one is pretty low on both counts.
No. This will almost *never* happen. And I don’t mean “never” in the hyperbolic sense... truly almost never.
Yup, development resources are finite and directing those developers to resolve serious zero-day easy to exploit vulnerabilities is always going to be a smarter idea than directing them towards, say, protecting against someone using a few hundred thousand dollars in personnel and resources to obtain the details required (without your knowledge) to build a close enough replica to defeat FaceID.
They do no right either. Either way my guess is that apple didn’t consider this to be a widespread attack vector, as critical vulnerabilities seem to be patched quickly.
I knew it was AirDrop. I just made a mental mistake typing. I know the difference between the two. A mistake was made that's all.
This what struck me as odd too, I mean if you are a privacy focused person one would have AirDrop turned off unless needed and send mainly to contacts. Can Apple do better; sure, is this such a big risk to loose sleep over; no. On the exploits priority scale this in pretty low, this is like people who have BT on all the time even when not connected to anything and then complain about battery drain.
AirDrop or a similar technology should be implemented as a standard between all electronic devices. Airdrop is great tech but not appreciated enough.
sounds like the researcher wants to claim a bug $bounty. Apple isn't considering this a major bug enough to warrant that. As some have said, this isn't in plaintext and not easily accessible for most attackers. If any attacker is willing to use brute-force hack to gain your email address and phone#, there are much much easier ways. Also, if you are targeted, the attacker would already have those info.
Even though this obviously needs to be patched, does anyone seriously believe that any "bad actor" is going to go through this much work so he can sit in a Starbucks and steal someone's phone number?
Hollywood, iPhones, and paparazzi.
paparazzi has plenty of easier ways to get email address and phone#. Hell, even a regular Joe with some decent social engineering skill can get those info.
<“Security Researcher reads your text”>
I HAVE DISCOVERED A NEW UNPATCHED VULNERABILITY! If there are ANY bluetooth devices around you AT ALL, and you go through the steps to connect your phone to those devices, THEY WILL THEN, POTENTIALLY, HAVE ACCESS TO POTENTIALLY YOUR ENTIRE ADDRESS BOOK! I tried this in a new Kia K5, and the ENTIRE CONTENT OF MY CONTACTS ENDED UP ON THE CAR!
Shows how much Apple cares about security…