Apple’s AirDrop can leak your phone number: Report

By Digit NewsDesk | Published on 03 Aug 2019
Apple’s AirDrop can leak your phone number: Report

Apple AirDrop can leak your private information, including phone number: Report

If the bluetooth of an Apple device is on, it broadcasts a partial cryptographic hash that can easily be converted into a phone number.


IBM Developer Contest

Take the quiz to test your coding skills and stand a chance to win exciting vouchers and prizes upto Rs.10000

Click here to know more

It is a well-known fact that Apple has an ecosystem that makes it easy for people to share Wi-Fi passwords, and use AirDrop to send files to the nearby Apple devices. However, the same features pose a threat to your privacy and security. According to a report published recently, cybercriminals can capitalise on the loopholes of these features to collect potentially sensitive data, including the phone numbers.

According to the report, if you leave the bluetooth on your device turned on, it broadcasts a host of device details, including the device’s name, whether it's in use, whether the Wi-Fi is turned on, the OS version it’s running, and information about the battery. What’s further concerning is the revelation that when iPhone owners use AirDrop or Wi-Fi password sharing features, their devices broadcast a partial cryptographic hash that can easily be converted into an iPhone’s complete phone number. 

The information disclosed in areas like work and offices may not be as alarming as it may get when it is shared in public places. Such areas may have cybercriminals with some kind of hardware with which they can collect the details of all Apple devices that have bluetooth turned-on. The details could later be used to track customers. 

How does this work?

If, for example, you are using AirDrop to share a file or image, the device that you are working on will broadcast a partial SHA256 hash of their phone number, the user’s email address, and the user’s Apple ID. While only the first three bytes of the hash are broadcast, researchers from security firm Hexway claim that these bytes provide enough information to the criminals to recover the full phone number.

Digit NewsDesk

The guy who answered the question 'What are you doing?' with 'Nothing'.

Digit caters to the largest community of tech buyers, users and enthusiasts in India. The all new Digit in continues the legacy of as one of the largest portals in India committed to technology users and buyers. Digit is also one of the most trusted names when it comes to technology reviews and buying advice and is home to the Digit Test Lab, India's most proficient center for testing and reviewing technology products.

We are about leadership-the 9.9 kind! Building a leading media company out of India.And,grooming new leaders for this promising industry. Protection Status