AirDrop Security Flaw
Discovered by security researchers at the German University’s Technische Universitat Darmstadt, the vulnerability is pretty dangerous for Apple users. The researchers first raised the issue with Apple back in 2019. However, recent reports by the researchers state that the Cupertino giant still hasn’t addressed the issue, even though more than 1.5 billion Apple users are affected by it. Coming to the vulnerability, it resides in Apple’s proprietory AirDrop system and has the potential to expose a user’s phone number and email address to a stranger who is in Wi-Fi range. And what makes the flaw even more dangerous is that the user does not even need to initiate a file transfer for a stranger to gain access to his/her private info. It activates as soon as a user turns on the AirDrop functionality on their iPhone or any AirDrop-supported device. The researchers state that the vulnerability is a result of using hash functions for the feature. Moreover, to gain access to the sensitive information of an Apple user using the AirDrop vulnerability, all an attacker needs is a Wi-Fi-enabled mobile device and proximity to the Wi-Fi range of the victim’s device.
How to Avoid It?
Now, as per the researchers, there is no workaround to this security flaw as of now. If users want to avoid it, the only way to do so is by not using Apple’s file-sharing feature until the company releases a fix for it. So, if you are an Apple user and do not want any stranger going through your phone number and accessing personal details, you can use some of the AirDrop alternatives. Moreover, you can use services such as SHAREit or its alternatives to quickly transfer files between devices.