Apple AirDrop could leak user information

Ars Technica, in a report published on Thursday, announced the researchers' discoveries about the wireless sharing feature. According to the findings, the vulnerability in AirDrop makes it possible for anyone with laptop and scanning software to identify the phone number of the sharing device.

Hexway's report includes evidence software that shows the information publication. Rob Graham, CEO of Errata Security, installed the proof of the concept on a laptop with wireless packet sniffer hardware and within a minute or two, captured the details of more than a dozen iPhone and Apple Watch in range.

Unfortunately the researchers; he says it's a very common security vulnerability that has emerged when trying to balance Apple's ease of use with security / privacy.

Independent privacy and security researcher Ashkan Soltani told Ars, Bu This is the classic swap that companies like Apple are trying to try to balance with ease of use and privacy / security. Otomatik Automatic discovery protocols often require the exchange of personal information to ensure their operation, and I know that most people working on security and privacy have in principle disabled automatic discovery protocols, such as AirDrop. "

When it comes to exploiting the vulnerability, Apple seems to have a vulnerable vulnerability, even if it tries to eliminate the danger.

According to the technical specifications, if someone is using AirDrop to share a file or picture, they issue a partial SHA256 hash of their phone number. If Wi-Fi password sharing is used, the device; sends partial SHA256 hash messages of the phone number, the user's email address, and the user's Apple ID. While only the first three bytes of Hash are published, Hexway researchers say these bytes provide enough information to recover the entire phone number.

	Extensive Product Selection ● Over 300,000 products ● 20 different categories ● 15 local warehosues ● Multiple top brands		Convenient Payment ● Global payment options: Visa, MasterCard, American Express ● PayPal, Western Union and bank transfer are accepted ● Boleto Bancario via Ebanx (for Brazil)
	Prompt Shipping ● Unregistered air mail ● Registered air mail ● Priority line ● Expedited shipping		Dedicated After-sales Service ● 45 day money back guarantee ● 365 day free repair warranty ● 7 day Dead on Arrival guarantee (DOA)