Nomad@infosec.pub
on 10 Jan 2024 20:05
nextcollapse
No shit Sherlock. The encryption uses the phone number of the user for hashing. Building a rainbow table for all phone numbers is childsplay.
They use a weakness in the protocol to identify the senders number. They can’t see what they send, but who sent something and when and to who.
Ghostalmedia@lemmy.world
on 10 Jan 2024 20:50
collapse
Someone correct me if I’m wrong, but it looks like there are two hashes. A short one based on the iCloud account’s email address or phone number, and a long 2048-bit RSA identity that gets stored on the device after logging into iCloud.
It looks like the short identity is basically just used for that initial airdrop screen where you find available targets to airdrop to, but the actual longer, more secure, hash is required for the actual file transfer.
That might explain why finding airdrop contacts is kind of snappy, but there is a bit of a delay after you initiate a transfer.
Edit: one more thought. If this really was that easy to crack, wouldn’t China have done this years ago? The CCP has been targeting Airdrop for a long long time.
ripcord@lemmy.world
on 11 Jan 2024 02:43
nextcollapse
Thank you, incidentally, for contributing so much to Lemmy. You are great.
Ghostalmedia@lemmy.world
on 11 Jan 2024 02:51
collapse
Sounds about right. Might be they have some man in the middle shenannigans going on with permanently installed hardware in the subway, but I doubt it. That would be a race condition that you might win with a lot more signal strength, but still…
Apple disabled AirDrop in the China region, then later globally, for people not in your contacts.
In November 2022, […] Apple began to limit AirDrop sharing with non-contacts for devices in China, which made it harder for users to share files with people they didn’t know. That feature was later expanded globally.
Ghostalmedia@lemmy.world
on 10 Jan 2024 20:59
collapse
Correct, reviving files from everyone is now only open for 10 min. It was launched in China to appease the CCP, but in western nations where using airdrop to voice government dissent isn’t popular, it was released to stop people from airdropping dick pics on the subway.
I haven’t read anything about cracking the data itself though, just being able to identify the phone number of a sender. The infos they give is just too vague at this point.
AirDrop has been used in China by pro-democracy activists to spread their message relatively safely (as you can’t get away with that using the internet). Apple has already made AirDrop useless for that purpose in a recent update, but I guess China is still working on cracking down on it.
Ghostalmedia@lemmy.world
on 10 Jan 2024 21:42
collapse
You can still use airdrop to send shit to people about how much the CCP sucks. Airdropping to non-contacts still exists, but when you enable receiving from any rando, that door only remains open for 10 minutes, then you have to open it again.
I guess the question is, do Chinese people keep tapping “everyone for 10 minutes” multiple times in certain public places?
That’s what I meant as it being useless now for that purpose. Unless there’s designated dissent areas or times, that strategy just won’t work any more (and if you have to be ‘in the know’ to enable it, you’re not recruiting/convincing any new people).
Ghostalmedia@lemmy.world
on 11 Jan 2024 01:50
collapse
I curious why China still cares about it. It seems like it would be hard for to spread info around on it now.
That said, if they still care about it, there must be some sort of use case that scares them.
Or they tasked a team with cracking it, they finally got a result and decided to announce it regardless, even if it is moot because the economic pressure on Apple worked.
Ghostalmedia@lemmy.world
on 10 Jan 2024 21:22
nextcollapse
Hot take - I’ll wager China is publicly announcing this so Chinese citizens stop trusting Airdrop.
Intelligence organizations usually like to keep uncovered vulnerabilities private so they don’t get patched. And if there is a vulnerability, Apple will 100% patch that shit.
By sowing doubt in AirDrop’s security, that might be enough to get Chinese citizens to stop using it. And if enough people stop sharing or receiving, then that is going to kneecap it as a channel for dissent.
JCreazy@midwest.social
on 11 Jan 2024 01:57
collapse
I had someone tell me that when they were on campus people would airdrop entire movies to either.
threaded - newest
No shit Sherlock. The encryption uses the phone number of the user for hashing. Building a rainbow table for all phone numbers is childsplay.
They use a weakness in the protocol to identify the senders number. They can’t see what they send, but who sent something and when and to who.
Someone correct me if I’m wrong, but it looks like there are two hashes. A short one based on the iCloud account’s email address or phone number, and a long 2048-bit RSA identity that gets stored on the device after logging into iCloud.
It looks like the short identity is basically just used for that initial airdrop screen where you find available targets to airdrop to, but the actual longer, more secure, hash is required for the actual file transfer.
That might explain why finding airdrop contacts is kind of snappy, but there is a bit of a delay after you initiate a transfer.
support.apple.com/guide/security/…/web
Edit: one more thought. If this really was that easy to crack, wouldn’t China have done this years ago? The CCP has been targeting Airdrop for a long long time.
Thank you, incidentally, for contributing so much to Lemmy. You are great.
Thanks! Right back at ya!
Sounds about right. Might be they have some man in the middle shenannigans going on with permanently installed hardware in the subway, but I doubt it. That would be a race condition that you might win with a lot more signal strength, but still…
So don’t go to China and if you do don’t send any important but unencrypted files via short-distance signal from one iPhone to another iPhone, gotcha.
Apple disabled AirDrop in the China region, then later globally, for people not in your contacts.
Correct, reviving files from everyone is now only open for 10 min. It was launched in China to appease the CCP, but in western nations where using airdrop to voice government dissent isn’t popular, it was released to stop people from airdropping dick pics on the subway.
<img alt="" src="https://lemmy.world/pictrs/image/518d8041-d0a4-4d0e-8f55-55183d905b25.jpeg">
people would airdrop around weapons and stuff at my school which almost always ended with a lockdown
😆 Imagine the analog version of this… Dudes leaving random dick polaroids…
I don’t have to imagine it. I’ve clocked in hours on BART. It’s just dudes whipping it out.
Thing is, the actual airdrop file transfer should be gated behind a 2048-bit RSA hash.
I’m curious to see what the security vulnerability is and how long it will remain open. China has been thirsting to find one for years.
I haven’t read anything about cracking the data itself though, just being able to identify the phone number of a sender. The infos they give is just too vague at this point.
AirDrop has been used in China by pro-democracy activists to spread their message relatively safely (as you can’t get away with that using the internet). Apple has already made AirDrop useless for that purpose in a recent update, but I guess China is still working on cracking down on it.
You can still use airdrop to send shit to people about how much the CCP sucks. Airdropping to non-contacts still exists, but when you enable receiving from any rando, that door only remains open for 10 minutes, then you have to open it again.
I guess the question is, do Chinese people keep tapping “everyone for 10 minutes” multiple times in certain public places?
That’s what I meant as it being useless now for that purpose. Unless there’s designated dissent areas or times, that strategy just won’t work any more (and if you have to be ‘in the know’ to enable it, you’re not recruiting/convincing any new people).
I curious why China still cares about it. It seems like it would be hard for to spread info around on it now.
That said, if they still care about it, there must be some sort of use case that scares them.
Or they tasked a team with cracking it, they finally got a result and decided to announce it regardless, even if it is moot because the economic pressure on Apple worked.
Hot take - I’ll wager China is publicly announcing this so Chinese citizens stop trusting Airdrop. Intelligence organizations usually like to keep uncovered vulnerabilities private so they don’t get patched. And if there is a vulnerability, Apple will 100% patch that shit.
By sowing doubt in AirDrop’s security, that might be enough to get Chinese citizens to stop using it. And if enough people stop sharing or receiving, then that is going to kneecap it as a channel for dissent.
I had someone tell me that when they were on campus people would airdrop entire movies to either.