O Airdrop Not one of the best known iOS / macOS features, but it can certainly be one of the most convenient. As easy as it is to send photos, videos, and other media between different devices through AirDrop, the protocol used to enable these wireless transmissions can contain some serious flaws.
A new survey released by the Ars Technica revealed that the network protocol used in AirDrop / AirPlay, called Apple Wireless Direct Link (AWDL) can make users susceptible to a series of attacks such as man-in-the-middle (MitM).
While Apple takes steps to protect users from these breaches in its network protocols, some security researchers have found that it is not difficult to circumvent Ma's barriers, as seen in the following video:
Briefly, when someone uses AirDrop to share a file or image, the device broadcasts a hash which is picked up by other nearby handsets and may partially reveal your phone number.
If the user uses AirDrop to share a Wi-Fi password, the device sends even more codes. hash, which may also include your email address and Apple ID.
Although only the three numbers / letters are displayed in the hash, the researchers said that this data provides enough information for a hacker to find out the full phone number, for example from a database for each phone number in a given region.
It is worth noting that this is a side effect of Apple's AWDL protocol, not really an error / flaw that must be corrected by the company which makes it difficult for these breaches to be widely used against users.
If you worry too much about this kind of loophole, the most recommended solution is to set AirDrop availability only for your contacts: Settings General AirDrop Contacts Only. This will ensure that you are only seen by trusted people for a brief period of time.
via 9to5Mac
