Apple's Convenient AirDrop Functionality Unveils an Uneasy Aspect
Navigating Apple's convenient sharing features might come with a hidden cost, according to a recent report. Enabling Bluetooth and using AirDrop or sharing WiFi passwords could accidently expose your phone number to anyone with the know-how. Every time you hit share, your device broadcasts a partial SHA256 hash to nearby devices, potentially revealing your number. Even password sharing may disclose partial hashes of your AppleID and email.
This confidential information theft is highlighted in a cybersecurity report by Hexway, who also shared scripts for exploitation. A researcher successfully extracted details from over a dozen iPhones and Apple Watches in a public location within minutes, as reported by Ars Technica.
Apple's famous "What happens on your iPhone, stays on your iPhone" motto seems to clash with this unsavory reality. While using partial hashes indicates their attempt to protect user privacy, it cannot fully eliminate the risk of personal data exposure for features like AirDrop that inherently demand sharing of such information.
However, we're not entirely fault-finding Apple here. It's challenging to balance convenience and privacy, and the best approach seems to be employing prudence. To minimize the risk of exposing your phone number in such situations, disabling Bluetooth or AirDrop while in public areas won't hurt. Remember, digital freedom often comes with maintaining a balance between convenience and privacy.
If this still provokes concern, here are some actionable measures:
- Disable AirDrop: For iPhone, navigate to the Settings > General > AirDrop to select 'Receiving Off'. You can also customize AirDrop settings for more personalized control.
- Adjust AirDrop Settings: Even if you only share with 'Contacts Only', your personal data may still be at risk. Consider disabling AirDrop for added security.
- Use WiFi Password Sharing Cautiously: Share WiFi passwords with caution, primarily using built-in features. If you share with non-Apple devices, consider using QR codes for increased security.
- Enable Lockdown Mode: Turn on Lockdown Mode to boost device security, restricting features like AirDrop.
- Regularly Update Your Device: Keep your device updated with the latest iOS version to benefit from security patches.
By implementing these measures, you can significantly minimize the risk of phone number exposure during AirDrop and WiFi password sharing.
The report by Hexway suggests that using tech features like Bluetooth and AirDrop in Apple devices could involve a privacy cost, as they might unintentionally reveal your phone number. The future of tech privacy seems to be a delicate balance between convenience and protection, as highlighted by the use of partial hashes in Apple's sharing features. Despite the potential risks, disabling Bluetooth or AirDrop in public areas can help curb the exposure of your personal information. The Ars Technica article mentions that a researcher was able to extract details from multiple devices using exploitative scripts.
