Apple’s AirDrop can leak your phone number: Report

By Digit NewsDesk | Published on Aug 03 2019
Apple’s AirDrop can leak your phone number: Report

Get Redmi 8 4GB+64 GB @ RS.7,999

With 12MP+2MP AI Dual camera, 5000mAh battery, fast charging, Fingerprint sensor + AI Face unlock

Click here to know more

HIGHLIGHTS

Apple AirDrop can leak your private information, including phone number: Report

If the bluetooth of an Apple device is on, it broadcasts a partial cryptographic hash that can easily be converted into a phone number.

It is a well-known fact that Apple has an ecosystem that makes it easy for people to share Wi-Fi passwords, and use AirDrop to send files to the nearby Apple devices. However, the same features pose a threat to your privacy and security. According to a report published recently, cybercriminals can capitalise on the loopholes of these features to collect potentially sensitive data, including the phone numbers.

According to the report, if you leave the bluetooth on your device turned on, it broadcasts a host of device details, including the device’s name, whether it's in use, whether the Wi-Fi is turned on, the OS version it’s running, and information about the battery. What’s further concerning is the revelation that when iPhone owners use AirDrop or Wi-Fi password sharing features, their devices broadcast a partial cryptographic hash that can easily be converted into an iPhone’s complete phone number. 

The information disclosed in areas like work and offices may not be as alarming as it may get when it is shared in public places. Such areas may have cybercriminals with some kind of hardware with which they can collect the details of all Apple devices that have bluetooth turned-on. The details could later be used to track customers. 

How does this work?

If, for example, you are using AirDrop to share a file or image, the device that you are working on will broadcast a partial SHA256 hash of their phone number, the user’s email address, and the user’s Apple ID. While only the first three bytes of the hash are broadcast, researchers from security firm Hexway claim that these bytes provide enough information to the criminals to recover the full phone number.

logo
Digit NewsDesk

The guy who answered the question 'What are you doing?' with 'Nothing'.

Digit caters to the largest community of tech buyers, users and enthusiasts in India. The all new Digit in continues the legacy of Thinkdigit.com as one of the largest portals in India committed to technology users and buyers. Digit is also one of the most trusted names when it comes to technology reviews and buying advice and is home to the Digit Test Lab, India's most proficient center for testing and reviewing technology products.

We are about leadership-the 9.9 kind! Building a leading media company out of India.And,grooming new leaders for this promising industry.