/?pid=21018

Updated:01:53 PM EDT Jul 18
this is ggmania.com subsite

NEWS
rss feed 
 
top 100
archive
ARTICLES
CD/DVD tools
Free Antivir
Security
Drivers
Utilities
FORUMS
LINKS


(C) 2006-2025 TechAmok Independent
All Rights Reserved.


 
 Apple's AirDrop and password sharing features can leak iPhone numbers - TechAmok

Apple's AirDrop and password sharing features can leak iPhone numbers - [security]
05:26 PM EDT - Aug,01 2019 - post a comment

Apple makes it easy for people to locate lost iPhones, share Wi-Fi passwords, and use AirDrop to send files to other nearby devices. A recently published report demonstrates how snoops can capitalize on these features to scoop up a wealth of potentially sensitive data that in some cases includes phone numbers.

Simply having Bluetooth turned on broadcasts a host of device details, including its name, whether it's in use, if Wi-Fi is turned on, the OS version it's running, and information about the battery. More concerning: using AirDrop or Wi-Fi password sharing broadcasts a partial cryptographic hash that can easily be converted into an iPhone's complete phone number. The information - which in the case of a Mac also includes a static MAC address that can be used as a unique identifier - is sent in Bluetooth Low Energy packets.

The information disclosed may not be a big deal in many settings, such as work places where everyone knows everyone anyway. The exposure may be creepier in public places, such as a subway, a bar, or a department store, where anyone with some low-cost hardware and a little know-how can collect the details of all Apple devices that have BLE turned on. The data could also be a boon to companies that track customers as they move through retail outlets. As noted above, in the event someone is using AirDrop to share a file or image, they're broadcasting a partial SHA256 hash of their phone number. In the event Wi-Fi password sharing is in use, the device is sending partial SHA256 hashes of its phone number, the user's email address, and the user's Apple ID. While only the first three bytes of the hash are broadcast, researchers with security firm Hexway (which published the research) say those bytes provide enough information to recover the full phone number.

Hexway's report includes proof-of-concept software that demonstrates the information broadcast. Errata Security CEO Rob Graham installed the proof-of-concept on a laptop that was equipped with a wireless packet sniffer dongle, and within a minute or two he captured details of more than a dozen iPhones and Apple Watches that were within radio range of the bar where he was working


Add your comment (free registrationrequired)

Short overview of recent news articles

Jul,18 2025 LAMBORGHINI REVUELTO V12 // 370KMH REVIEW on UNLIMITED AUTOBAHN!
Jul,18 2025 Mortal Kombat II - Official Trailer
Jul,17 2025 Stranger Things 5 - Official Teaser
Jul,14 2025 Google Is Selling Fake Products - WAN Show July 11, 2025
Jul,12 2025 Hacked by playing Call of Duty WW2 on Gamepass?
Jul,12 2025 2025 VW Golf GTE // TOP SPEED REVIEW on AUTOBAHN
Jul,11 2025 NEW Audi RS3 v cheapest used RS3: DRAG RACE
Jul,10 2025 A critical security vulnerability in Microsoft Remote Desktop Client
Jul,10 2025 Samsung Z Fold/Flip 7 Impressions: Major Upgrades!
Jul,08 2025 Gmail's latest feature helps you get rid of those pesky emails from
Jul,06 2025 I'm an idiot and still made top 5... here's how
Jul,05 2025 The Fantastic Four: First Steps - Official 'Lift Off' Teaser
Jul,04 2025 Samsung Galaxy Z Fold 7 - Hands on Look
Jul,04 2025 RTX 5070 Ti vs RTX 5080 - Is 5080 Gaming Laptop Worth More $$$?
Jul,04 2025 FIRST DRIVE: Praga Bohema - Crazy Hypercar Driven!
Jul,03 2025 Ballerina - Exclusive John Wick Deleted Scene (2025) Keanu Reeves,
Jul,03 2025 Call of Duty: WWII - Remote Code Execution Warning (PC Game Pass)
Jul,02 2025 1014HP Lamborghini REVUELTO 369KMH TOP SPEED POV on AUTOBAHN
Jul,01 2025 Nvidia Drivers (V 576.80 vs V 576.88) - Test In 12 Games - RTX 4060
Jun,30 2025 AMD Adrenalin 25.6.3 Driver Is Available
Jun,30 2025 NVIDIA GeForce RTX 5080 SUPER Could Feature 24 GB Memory, Increased
Jun,29 2025 Guess What Nvidia Did THIS Time
Jun,28 2025 The 10 Best Dinosaur Movies of All Time
Jun,28 2025 Microsoft officially confirms that Windows 11 version 25H2 is coming
Jun,26 2025 Eddington - Official Trailer 2 (2025) Joaquin Phoenix, Pedro Pascal
Jun,25 2025 Microsoft Say System Restore Points Now Expire After 60 Days
Jun,25 2025 Facebook, Netflix, and Microsoft Websites Hijacked to Insert Fake
Jun,24 2025 I put a $3000 GPU in my Average PC... It Was a Mistake
Jun,24 2025 Best External SSD for Mac 2025: After Weeks of Testing, Here's What
Jun,23 2025 Mostly boob jokes this week (RTX 5090 DD) - Tech News June 22
Jun,21 2025 Superman - Official 30 Second Spot (2025)
Jun,21 2025 'The fastest road car I've ever been in!' - Ferrari F80 track day
Jun,20 2025 CPU SCAM: AMD Ryzen 9800X3D Counterfeits & Fraud
Jun,19 2025 28 Years Later Review
Jun,18 2025 HW News - NVIDIA "N1x" CPU Leak, ASUS Xbox ROG Ally, More Intel
Jun,17 2025 NVIDIA GeForce 576.80 WHQL Driver
Jun,16 2025 The Fantastic Four: First Steps - Official 'H.E.R.B.I.E.' Teaser
Jun,15 2025 Huawei Maextro S800 First Look - A True BMW & Mercedes Killer?
Jun,14 2025 Upgrade Windows 10 to Windows 10 LTSC Without Losing Data
Jun,14 2025 Squid Game: Season 3 - Final Games Trailer
>> News Archive <<

TechAmok - Privacy Policy        loading time:0.01secs