AirDrop protocol leverages a mutual authentication mechanism that compares a user’s phone number and email address with entries in the other user’s address book to determine whether the two users are in contact, The feature allows sharing data with devices from address book contacts. The flaw discovered by the experts could impact owners of more than 1.5 billion Apple devices that are still vulnerable.
ENCRYPTO IOS MAC OS X
All they require is a Wi-Fi-capable device and physical proximity to a target that initiates the discovery process by opening the sharing pane on an iOS or macOS device.”ĪirDrop is a proprietary ad hoc service in Apple Inc.’s iOS and macOS operating systems, introduced in Mac OS X Lion (Mac OS X 10.7) and iOS 7, which can transfer files among supported Macintosh computers and iOS devices by means of close-range wireless communication. “As an attacker, it is possible to learn the phone numbers and email addresses of AirDrop users – even as a complete stranger.
“A team of researchers from the Secure Mobile Networking Lab (SEEMOO) and the Cryptography and Privacy Engineering Group (ENCRYPTO) at TU Darmstadt took a closer look at this mechanism and discovered a severe privacy leak.” reads a post published by the researchers. Experts found a bug in Apple’s wireless file-sharing protocol Apple AirDrop that could expose user’s contact information.īoffins from the Technical University of Darmstadt, Germany, have discovered a privacy issue in Apple’s wireless file-sharing protocol Apple AirDrop that could expose user’s contact information, such as email addresses and phone numbers.
0 kommentar(er)
