Chinese police have allegedly "cracked" Apple AirDrop.


Post by lgillis »

A translation of the original article published on heise.de.
A Chinese authority is apparently able to find out the telephone number and email address of iPhone owners who have distributed content via AirDrop.

Sharing content via AirDrop is not necessarily anonymous, as is often assumed: According to an authority in Beijing, it is able to identify the sender of unwelcome AirDrop content from iPhone device logs - including their telephone number and email address. Police officers have already identified several suspects in this way, the Chinese authorities announced. The method will ultimately simplify law enforcement and "prevent the spread of inappropriate statements and potentially bad influences".

According to reports, the pro-democracy protest movement in Hong Kong and China has been using AirDrop for years to pass on protest posters and slogans directly to iPhones in the vicinity. As AirDrop also works without an internet connection, it cannot be controlled using "standard network monitoring tools", according to Beijing - the new technology is therefore important for identifying senders. The announcement also appears to be intended to deter dissidents from continuing to use AirDrop.

For AirDrop, Apple relies on a hash function that has been criticized for some time: if the user is logged in to iCloud, the operating system creates an "AirDrop short identity" when the service is activated, which is exchanged with other devices in the vicinity during AirDrop transfers. This allows iPhones & Co to determine whether the sender and recipient know each other, i.e. whether they are listed in each other's address book. The hash value is based on the telephone numbers and e-mail addresses stored for the Apple ID.

Researchers at TU Darmstadt warned several years ago that these can be recalculated using a brute force attack. The AirDrop short identity or hash value is transmitted when the sharing menu is opened.

According to the report from Beijing, the Chinese authorities rely on rainbow tables to determine the original character string masked by the hash value. To do this, the law enforcement officers presumably need to have full access to the iPhone that has received files via AirDrop.
The implosion of I2P is not a question of if, it is a question of when.
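
Why a hash over a phone number does not hide it, as an added example that is not part of the post, the heise article or Apple's code: it assumes SHA-256 and a constructed space of 10,000 fictional numbers (`PREFIX`, `FREE_DIGITS` and all function names are hypothetical). It shows that a salt defeats a precomputed table but not plain enumeration, because the input space itself is small.

```python
import hashlib
import math

# Constructed identifier space: a fictional prefix plus 4 free digits.
PREFIX = "+1555010"
FREE_DIGITS = 4

def digest(identifier: str, salt: bytes = b"") -> str:
    """SHA-256 over salt || identifier (the hash choice is an assumption)."""
    return hashlib.sha256(salt + identifier.encode()).hexdigest()

def candidates(prefix: str = PREFIX, free_digits: int = FREE_DIGITS):
    """Yield every number in the constructed space."""
    for n in range(10 ** free_digits):
        yield f"{prefix}{n:0{free_digits}d}"

def precompute_table() -> dict:
    """Digest -> identifier map, built once before any log is seen."""
    return {digest(c): c for c in candidates()}

def enumerate_with_salt(target: str, salt: bytes):
    """Re-hash the whole space with a known salt; no table is needed."""
    for c in candidates():
        if digest(c, salt) == target:
            return c
    return None

def keyspace_bits(free_digits: int) -> float:
    """Entropy of an identifier with this many unknown decimal digits."""
    return free_digits * math.log2(10)

if __name__ == "__main__":
    number = "+15550100042"        # constructed sample value
    table = precompute_table()
    print("unsalted, table lookup:", table.get(digest(number)))
    salt = b"per-record-salt"      # constructed; stored next to the digest
    salted = digest(number, salt)
    print("salted, table lookup:  ", table.get(salted))
    print("salted, enumeration:   ", enumerate_with_salt(salted, salt))
    print("10 unknown digits = %.1f bits" % keyspace_bits(10))
```

Ten unknown decimal digits carry about 33 bits, far below what a hash needs from its input to resist guessing, which is why the TU Darmstadt warning applies regardless of how strong the hash function is.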