Wireless file sharing is one of the better advances in the modern era.
But that doesn’t mean it isn’t without its pitfalls.
Yet most of us probably never even think about it – something that could change once you consider the vast number of potential vulnerabilities to which you could expose yourself using even the most robust technology.
Reports indicate that Apple’s vaunted Airdrop feature could be hiding more than a few security flaws that could make it somewhat undesirable for consumers in the near term. PetaPixel reports that research groups Secure Mobile Networking Lab (SEEMOO) and the Cryptography and Privacy Engineer Group (ENCRYPTO) discovered that attackers could learn the email addresses and phone numbers of Airdrop users even if they didn’t know the person IRL. For those of you that haven’t used Airdrop before, it is a person-to-person file sharing feature that uses manual authentication to make sure everyone approves of what is going down.
Having a complete stranger access that kind of information is somewhat unnerving. The research revealed that it was actually quite easy to do this, too, requiring only a Wifi device and being close to the person with an Apple device. Being close to the person with the Apple device allowed the malicious user to access this information via the sharing pane on an iOS device, PetaPixel reports.
Though Apple hasn’t yet addressed this, the team behind the research has their own novel solution that they call Privatedrop.
A press release for it states:
“PrivateDrop is based on optimized cryptographic private set intersection protocols that can securely perform the contact discovery process between two users without exchanging vulnerable hash values. The researchers’ iOS/macOS implementation of PrivateDrop shows that it is efficient enough to preserve AirDrop’s exemplary user experience with an authentication delay well below one second.”
Do you use Apple’s Airdrop feature to transfer files? Have you ever experienced anything amiss with it? Let us know your thoughts on wireless file sharing and security in the comments below.
And we’ve got a bunch of other photography news on Light Stalking at this link right here.