Three AirDrop vulnerabilities have been discovered by security researchers, affecting both iPhones and Macs, reports 9to5Mac. Android uses face the same issue due to their file sharing feature dubbed Quick Share.
According to HelpNetSecurity, researchers at the CISPA Helmholtz Center for Information Security examined both systems and came away with six vulnerabilities spanning macOS, iOS, Android, and Windows. Arash Ale Ebrahim and Nils Ole Tippenhauer reverse engineered the application-layer protocols, built a custom fuzzer for AirDrop, and ran targeted analysis on Quick Share.
A proximity attacker needs a laptop with Wi-Fi and a spot within range, often 10 to 30 meters. No pairing, contact exchange, or shared network is required. On Apple devices set to receive from “Everyone,” the early protocol phases respond before any user prompt appears. Quick Share answers nearby devices by default once it is visible.
As 9to5Mac notes, “The good news is that no data can be obtained, but “the bad news is that a number of related Apple services on both iPhone and Mac can be remotely disabled.”
I hope you’ll help support Apple World Today by becoming a patron. Almost all our income is from Patreon support and sponsored posts. Patreon pricing ranges from $2 to $10 a month. Thanks in advance for your support.
Article provided with permission from AppleWorld.Today
