AirDrop 'Cracked' By Chinese Authorities To Identify Senders (macrumors.com) 25
According to Bloomberg, Apple's AirDrop feature has been cracked by a Chinese state-backed institution to identify senders who share "undesirable content". MacRumors reports: AirDrop is Apple's ad-hoc service that lets users discover nearby Macs and iOS devices and securely transfer files between them over Wi-Fi and Bluetooth. Users can send and receive photos, videos, documents, contacts, passwords and anything else that can be transferred from a Share Sheet. Apple advertises the protocol as secure because the wireless connection uses Transport Layer Security (TLS) encryption, but the Beijing Municipal Bureau of Justice (BMBJ) says it has devised a way to bypass the protocol's encryption and reveal identifying information.
According to the BMBJ's website, iPhone device logs were analyzed to create a "rainbow table" which allowed investigators to convert hidden hash values into the original text and correlate the phone numbers and email accounts of AirDrop content senders. The "technological breakthrough" has successfully helped the public security authorities identify a number of criminal suspects, who use the AirDrop function to spread illegal content, the BMBJ added. "It improves the efficiency and accuracy of case-solving and prevents the spread of inappropriate remarks as well as potential bad influences," the bureau added.
It is not known if the security flaw in the AirDrop protocol has been exploited by a government agency before now, but it is not the first time a flaw has been discovered. In April 2021, German researchers found that the mutual authentication mechanism that confirms both the receiver and sender are on each other's address book could be used to expose private information. According to the researchers, Apple was informed of the flaw in May of 2019, but did not fix it.
It sounds like the whole intention of this is (Score:1, Insightful)
It sounds like the whole intention of this is: "prevents the spread of inappropriate remarks".
Re: (Score:2)
Backdoors in the silicon, sandbox escapes in iMessage, PDF reader, un/poorly-salted AirDrop.
It's good Google/Apple/Samsung are working on open and interoperable replacement standards.
Some better hardware is coming on line too.
1989 (Score:5, Insightful)
to identify senders who share "undesirable content"
1989 NEVER FORGET
It uses a proprietary protocol which 3rd parties (Score:5, Informative)
(Apple Wireless Direct Link, AWDL) have been involved in reverse engineering. [owlink.org] It's also what iPads/Apple TVs and other iThings use to talk to each other.
Same Bloomberg as 'Supermicro hack' article? (Score:2)
That story that everyone involved denied, but Bloomberg has never retracted?
Caveat lector.
I wonder if Apple helped Chinese authorities a bit (Score:4, Interesting)
You know, a technical hint or two in passing, just so that they can continue having their products manufactured by Foxconn without difficulties while their Indian sweatshops are ramping up...
Re: (Score:2)
It sounds at least plausibly like what any mega corporation that has a huge conflict of interest and has to choose between making good on their marketing promises to its users and threatening its entire supply chain would choose to do.
Not saying Apple did it, but they are in that very situation, and at the very least, that casts heavy doubt on their probity.
Re:I wonder if Apple helped Chinese authorities a (Score:5, Insightful)
Let's see if they patch it.
Re: I wonder if Apple helped Chinese authorities a (Score:2)
Like when AirDrop always-on mode was removed? Then later in the USA it's removed too?
Re: (Score:1)
wow! congrats! that is a fantastical conspiracy theory you just made up! remind me again when we dropped into the superhero movie and when will the Flash come and save us all?
Re: (Score:2)
Dragonfly [wikipedia.org]
Prove it (Score:4, Interesting)
Re: Prove it (Score:2)
This, it sounds like they're able to prove and decrypt part of the message after they confiscate your iPhone and gain access to it. Cue the XKCD $5 wrench.
No more (Score:5, Insightful)
No more Tank Man images for you. Don't you just love dictatorships!?
Re: (Score:1)
No more Tank Man images for you. Don't you just love dictatorships!?
ProTip for Counter-Revolutionaries: Never bring a shopping bag to a tank battle.
A couple questions (Score:3)
1) Does this imply Apple is not using salt, or is doing it incorrectly? I thought salting was specifically to prevent rainbow table attacks.
2) Since this involves accessing the device logs, would it work on non-Chinese-owned iPhones? I didn't think the iPhone's logs were generally accessible; but I also assume Chinese citizens are required to have additional software on their phones that gives the government more access (just basing that on what they seem to do with devices carried by our faculty when they go to China).
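Added example (not part of the article or of any comment in this thread): the rainbow-table recovery described in the summary and the salting question above both come down to how small the space of phone numbers is. SHA-256, the number format, the 10,000-number keyspace and the plain lookup dictionary standing in for a rainbow table are assumptions made for the illustration, not AirDrop's actual format.

```python
import hashlib
import hmac
import os

# Constructed keyspace: a made-up prefix plus four digits (10,000 numbers).
# Real numbering plans are larger but just as finite and enumerable.
PREFIX = "+1555010"
SENDER = "+15550104242"  # constructed sample identifier


def candidates():
    return (f"{PREFIX}{n:04d}" for n in range(10_000))


def unsalted(number: str) -> str:
    return hashlib.sha256(number.encode()).hexdigest()


def salted(number: str, salt: bytes) -> str:
    return hashlib.sha256(salt + number.encode()).hexdigest()


def build_table() -> dict:
    """Hash every candidate once; the result is reusable for any unsalted record."""
    return {unsalted(c): c for c in candidates()}


def enumerate_salted(digest: str, salt: bytes):
    """With the salt stored next to the hash, the keyspace is simply rehashed."""
    for c in candidates():
        if hmac.compare_digest(salted(c, salt), digest):
            return c
    return None


def demo() -> dict:
    table = build_table()
    salt = os.urandom(16)  # random per-record salt, stored alongside the hash
    return {
        "unsalted_via_table": table.get(unsalted(SENDER)),
        "salted_via_table": table.get(salted(SENDER, salt)),
        "salted_via_enumeration": enumerate_salted(salted(SENDER, salt), salt),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

The salt makes the precomputed table miss, but the identifier is still recovered by rehashing the keyspace, so salting alone does not protect low-entropy inputs such as phone numbers.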