Data transfer: vulnerability in AirDrop technology|Danger for Apple owners


Data transfer: vulnerability in AirDrop technology. The danger for Apple owners.The AirDrop technology used in Apple devices for transferring files revealed a serious flaw

Data transfer: vulnerability in AirDrop technology. The danger for Apple owners.The AirDrop technology used in Apple devices for transferring files revealed a serious flaw    The AirDrop technology used in Apple devices for transferring files revealed a serious flaw - you can intercept the subscriber’s personal data during data transfer. This way, attackers will recognize the real phone number of the victim.     AirDrop technology is a convenient tool for owners of Apple devices, allowing you to easily share photos, videos and links between them. However, Hexway cybersecurity experts said that AirDrop had a serious flaw that could be exploited by attackers.


The AirDrop technology used in Apple devices for transferring files revealed a serious flaw - you can intercept the subscriber’s personal data during data transfer. This way, attackers will recognize the real phone number of the victim.


AirDrop technology is a convenient tool for owners of Apple devices, allowing you to easily share photos, videos and links between them. However, Hexway cybersecurity experts said that AirDrop had a serious flaw that could be exploited by attackers.

The fact is that the basis of AirDrop is Bluetooth LE, which transmits information in the form of a hash.

Thus, hackers can intercept this information and decrypt it back, having received the real telephone a number of the subscriber.

  • If at the same time the user AirDrop also uses the function of transferring a password from Wi-Fi, then in the hands of fraudsters may also be a unique identification number Apple ID and email.


  • The head of the security company Errata Security, Rob Graham, confirmed to the Ars Technica portal the existence of this vulnerability, adding that its consequences are not so terrible as they are alarming since in fact, an attacker can get access to personal information without the user's knowledge.


  • At the same time, Hexway clarifies that the deficiency found is more a feature of the technology than a vulnerability. At the same time, researchers report that the problem with privacy was found in all versions of the iOS operating system, starting with 10.3.1 (including the beta of iOS 13).


  • The website talked to experts to find out what to expect for Apple device owners and whether to start panicking. According to Apple's business manager at Softline, Anton Karpov, within the framework of the Bluetooth LE connection protocol, the iPhone actually sends packets that, in theory, it is possible to listen, catch a hash, convert it and get a phone number.
You may also like


“However, hashing is a complex cryptographic the operation that, by definition, is very difficult to reversible and the source code is so hard to get from the hash that there is simply not enough computing power for this,” Karpov said.

  • Nikita Durov, Technical Director of Check Point Software Technologies in Russia and the CIS also believes that the problem with AirDrop described by Hexway is not as critical as it may seem at first glance.


  • “Hypothetically, attackers can really identify the device number and other data of the owner. For example, you can find out if a particular device is nearby. But this practice is unlikely to be widespread - it requires to pinpoint hacker work, and this is long enough and may not justify the effort, ”the expert explained.


  • The consultant of the Information Security Center of Jet Infosystems, Alexander Gon, pointed out that the danger of disclosing a phone number is equal to the same risks as the possibility of detecting this data through compromised databases.


  • "The scenario in which the attacker purposefully tries to obtain personal data in this way is more relevant for top management of large organizations, politicians and other media people," said the source in Gazeta.Ru.


  • Nevertheless, even the theoretical possibility of data theft is a threat, for counteracting which a number of precautions can be observed.


“Sometimes AirDrop features can be used to determine a person’s identity.

Another illegal use of AirDrop, which is now in the trend - the so-called "cyber flashing", when people send rudely or indecent photos to strangers in public places.

Our experts recommend setting up AirDrop so that only users from contacts can send content. You can completely disable the AirDrop function if you do not plan to actively use it at the moment, ”recommends Nikolaos Chrysaidos, head of the threat and protection research department for mobile devices at Avast.

At the end of July 2019, one of the Apple contractors told that the company was listening to the conversations that the owner of the Apple gadget had with the Siri voice assistant. As it turned out, the user's voice commands were actually recorded and sent to linguists for analysis in order to improve the quality of the assistant’s work. A week after the scandal, Apple announced the suspension of the Siri quality control program and also allowed users to choose whether to submit their records for analysis or not.


Data transfer: vulnerability in AirDrop technology|Danger for Apple owners Data transfer: vulnerability in AirDrop technology|Danger for Apple owners Reviewed by Write What's you know on August 04, 2019 Rating: 5

10 comments:

  1. This enormous change supports and inciting the Data Scientist over the association to adapt Big Data Training in Chennai.data science course in pune

    ReplyDelete
  2. Well, The information which you posted here is very helpful & it is very useful for the needy like me.., Wonderful information you posted here. Thank you so much for helping me out to find the Data analytics course in Mumbai Organisations and introducing reputed stalwarts in the industry dealing with data analyzing & assorting it in a structured and precise manner. Keep up the good work. Looking forward to view more from you.

    ReplyDelete

  3. Attend The Digital Marketing Courses in Bangalore From ExcelR. Practical Digital Marketing Courses in Bangalore Sessions With Assured Placement Support From Experienced Faculty. ExcelR Offers The Digital Marketing Courses in Bangalore.
    Digital Marketing training in Bangalore

    ReplyDelete
  4. Attend The Data Analytics Courses From ExcelR. Practical Data Analytics Courses Sessions With Assured Placement Support From Experienced Faculty. ExcelR Offers The Data Analytics Courses.
    ExcelR Data Analytics Courses

    ReplyDelete
  5. Well, The information which you posted here is very helpful & it is very useful for the needy like me.., Wonderful information you posted here. Thank you so much for helping me out to find the Data Analytics Course in MumbaiOrganisations and introducing reputed stalwarts in the industry dealing with data analyzing & assorting it in a structured and precise manner. Keep up the good work. Looking forward to view more from you.

    ReplyDelete
  6. Thanks for sharing this info,it is very helpful.
    data science

    ReplyDelete
  7. I feel very grateful that I read this. It is very helpful and very informative and I really learned a lot from it.
    data scientist course

    ReplyDelete
  8. Nice Article...Very interesting to read this article. I have learn some new information.thanks for sharing.
    Click here

    ReplyDelete
  9. I am looking for and I love to post a comment that "The content of your post is awesome" Great work!
    ExcelR data analytics

    ReplyDelete
  10. Excellent Blog! I would like to thank for the efforts you have made in writing this post. I am hoping the same best work from you in the future as well. I wanted to thank you for this websites! Thanks for sharing. Great websites!
    ExcelR data analytics

    ReplyDelete

Like a Reply

Powered by Blogger.