AirDrop is a wireless transmission function launched by Apple. Photos, files, etc. can be quickly transferred between different Apple devices.
However, researchers at the Darmstadt University of Technology recently discovered that Apple’s AirDrop process for finding and verifying someone can expose the user’s contact information.
Besides, Apple AirDrop has three modes: off, contacts only, and everyone. The system defaults to contacts only. The researchers said that AirDrop uses a mutual authentication mechanism, which compares the user’s phone number and email with entries in the address book of other users. In this process, strangers can crack the verified data and take advantage of it to the user’s phone number and email.
The researchers also said that the vulnerability was submitted to Apple in May 2019, but after multiple versions of the update, the vulnerability still exists.
|VIA|
