AirDrop crack: Apple was made aware of the vulnerability in 2019
- Nishadil
- January 10, 2024
The vulnerability which seemingly led to an AirDrop crack by a state institute has been known to Apple since at least 2019, according to a new report. Some new details are also emerging about how China is able to of people transferring files via AirDrop …

Why China wanted to crack AirDrop

AirDrop is only intended to share the name of your phone (which you can set to anything you like).
Your Apple ID should not be disclosed, nor the contact information associated with it – namely, your phone number and email address. This has made it a safe way for anti-government activists to distribute information censored on the Internet. It was, for example, widely used in Hong Kong to pass on the dates, times, and locations of upcoming protests.
Chinese authorities want to identify those who distribute anti-government materials.

The Chinese AirDrop crack

yesterday reported that a state-backed institute , revealing the identities of those sending files. was able to replicate part of what it suspects was done.

We launched the console on our Mac and AirDropped a file to it from an iPhone, discovering from the console log data that the “sharingd” process is responsible for AirDrop.
This contains a dedicated sub process called “AirDrop,” but several other sub processes were also active during the file transfer. We found the name of our iPhone in one of the sub processes, along with the strength of the Bluetooth signal. The “AirDrop” sub process actually stores the hash values for the email and phone number belonging to the contacted iPhone (see screenshot), but we were unable to access the plain text.
While the site didn’t manage to crack the hashes, it doesn’t seem much of a stretch to believe that China was able to do so. Although they are stored as hash values, they are fairly easy to decipher: the phone number consists only of digits and is easy to decode using a brute force attack. For emails, attackers guess the usual alias structures, then search for possible matches in dictionaries and databases of leaked emails.
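As an added illustration (not code from the article, the researchers or Apple), the sketch below shows why hashing a phone number does not hide it: the space of possible numbers is small enough to enumerate. It assumes plain unsalted SHA-256, which the article does not specify, and uses a constructed fictional number and an assumed hash rate.

```python
import hashlib
import math

def digest(identifier: str) -> str:
    # Assumption: plain unsalted SHA-256. The article only says "hash values".
    return hashlib.sha256(identifier.encode("utf-8")).hexdigest()

def keyspace_bits(unknown_digits: int) -> float:
    """Entropy of a number with this many unknown decimal digits, in bits."""
    return unknown_digits * math.log2(10)

def seconds_to_exhaust(unknown_digits: int, hashes_per_second: float) -> float:
    """Worst-case time to hash every candidate at an assumed rate."""
    return 10 ** unknown_digits / hashes_per_second

def recover(target: str, prefix: str, unknown_digits: int):
    """Hash every number sharing `prefix`; return the one matching `target`, else None."""
    for n in range(10 ** unknown_digits):
        candidate = f"{prefix}{n:0{unknown_digits}d}"
        if digest(candidate) == target:
            return candidate
    return None

if __name__ == "__main__":
    # Constructed sample: a fictional number (555-01xx range), not real data.
    observed = digest("12025550147")
    print("recovered:", recover(observed, "1202555", 4))
    print(f"10 unknown digits = {keyspace_bits(10):.1f} bits of entropy")
    print(f"a 128-bit random token has {128 - keyspace_bits(10):.1f} more bits")
    print(f"full 10-digit sweep at an assumed 1e9 hashes/s: "
          f"{seconds_to_exhaust(10, 1e9):.0f} s")
```

For anyone reviewing a design that logs or transmits hashed contact identifiers, the point is that a hash only protects inputs drawn from a space too large to enumerate, and phone numbers are not such inputs.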
Apple has known about this vulnerability since 2019

The report says that security researchers have long warned Apple about the risks of encoding phone numbers and email addresses in this way, and sending them to the receiving device. These warnings date back to at least 2019. One of them was Alexander Heinrich at TU Darmstadt, who back in 2021 told Apple:

We discovered two design flaws in the underlying protocol that allow attackers to learn the phone numbers and email addresses of both sender and receiver devices.
He says that Apple responded to him while developing iOS 16, but seemingly didn’t fix the issue. One likely reason for this is that switching to a more secure version of the AirDrop protocol – proposed by Heinrich and his team – would not be backward compatible. This would mean AirDrop would no longer work when transferring to and from older devices unable to run the latest iOS versions.
9to5Mac’s Take

It’s somewhat understandable that Apple didn’t want to break AirDrop compatibility with older devices. However, now that the vulnerability is being actively exploited, and considering the extremely high stakes here – China has in respect of dissidents – it does seem like this is the lesser of two evils.