Security News > 2024 > January > China loathes AirDrop so much it's publicized an old flaw in Apple's P2P protocol

China loathes AirDrop so much it's publicized an old flaw in Apple's P2P protocol
2024-01-15 02:58

Protestors reportedly used AirDrop to share anti-government material during China's long and strict COVID-19 lockdowns.

Which is why Chinese authorities last week admitted that the use of AirDrop is considered problematic after police previously found inappropriate material being shared on the Beijing subway using the protocol.

"Because AirDrop does not require an Internet connection to be delivered, this behavior cannot be effectively monitored through conventional network monitoring methods, which has become a major problem for the public security organs to solve such cases," states an article posted by the city of Beijing's municipal government.

Infosec academic Matthew Green analyzed the post, and research on AirDrop published in 2019 by academics from TU Darmstadt, and concluded the protocol is leaky and the Institute's assertions are entirely plausible - if an Apple ID or phone number can be guessed by an attacker.

AirDrop users are therefore at risk, in China, or anywhere else.

"Hence there is a legitimate question about whether it's politically wise for Apple to make a big technical improvement to their AirDrop privacy, right at the moment that the lack of privacy is being viewed as an asset by authorities in China. Even if this attack isn't really that critical to law enforcement within China, the decision to 'fix' it could very well be seen as a slap in the face," he wrote.


News URL

https://go.theregister.com/feed/www.theregister.com/2024/01/15/china_airdrop_anonymity_warning/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Protocol 12 0 1 15 1 17