However, according to ENCRYPTO, this hash value can be easily flattened by a simple method such as brute force attack. In this mutual authentication mechanism, information such as telephone numbers and email addresses associated with terminals is obfuscated using a unique hash function. The vulnerability discovered by ENCRYPTO is related to the mutual authentication mechanism between Apple devices when using AirDrop. By default, the people who can exchange data with AirDrop are limited to those who the user knows the contact information, but in order to find out 'which device belongs to the person who knows the contact information', A mutual authentication mechanism works between Apple devices to identify which device you know.Īccording to a research team called ENCRYPTO, which conducts cryptography and privacy-related research at the Technische Universität Darmstadt, there are serious privacy-related vulnerabilities in this AirDrop mutual authentication mechanism. The research team is reporting.Īpple AirDrop shares more than files – Computer Science – Technical University of DarmstadtĪirDrop makes it easy to send and receive data such as photos and videos between Apple devices. 18:00:00 Security researchers point out that more than 1.5 billion iPhones and Macs are vulnerable to leaking phone numbers and email addressesĪirDrop, which allows you to easily share photo and video files between Apple devices, has a security vulnerability that could leak your phone number or email address to strangers, according to the Technische Universität Darmstadt.
0 kommentar(er)
