China Allegedly Cracked AirDrop Encryption; New Report Claims Apple Knows This Since 2019

Apple has allegedly been aware of it since 2019.

A new report claims that China cracked Apple's AirDrop encryption. The iPhone maker is allegedly aware of this issue since at least 2019.

Apple designed its AirDrop technology to allow users to send pictures, videos, and other content to nearby iPhones and other Apple devices without an internet connection.

China Allegedly Cracked AirDrop Encryption; New Report Claims Apple Knows This Since 2019
The Chinese national flag is displayed in front of an Apple store in Shanghai on October 9, 2021. HECTOR RETAMAL/AFP via Getty Images

What's great about the AirDrop messaging service is that it encrypts sent content so that others can't see the files and the identities of senders.

However, Beijing claimed that it was able to crack the AirDrop encryption and access the identities of Apple users in China.

China Allegedly Cracked AirDrop Encryption, Claims New Report

According to CBS News' latest report, the Beijing municipal government's justice bureau announced that Chinese experts were able to devise a method to crack encrypted AirDrop messages.

Researchers at the Beijing Wangshen Dongjian Justice Appraisal Institute specifically developed this method.

9To5Mac reported that the new AirDrop encryption cracking method allows the Chinese government to acquire email addresses and contact numbers of users who transfer files using the Apple feature.

Beijing was able to develop the AirDrop encryption cracking method because of a security vulnerability. Experts said that this issue involves the "sharingd" process.

The sharingd process, which is responsible for AirDrop, contains a dedicated sub-process called "AirDrop," as well as other sub-processes. Security researchers stated that some sub-processes contain iPhone names, Bluetooth signal strength, and other information.

What's alarming about this vulnerability is that the sub-processes also store hash values for phone numbers and email addresses, which are quite easy to decipher.

Apple Aware of AirDrop Vulnerability Since 2019

China Allegedly Cracked AirDrop Encryption; New Report Claims Apple Knows This Since 2019
People walk past an Apple store in Beijing on December 11, 2018. - Apple stores in China continued with business as usual on December 11, despite a Chinese court-ordered ban on iPhone sales that could hurt the US tech firm in one of its most crucial markets. GREG BAKER/AFP via Getty Images

Some security researchers have been warning Apple regarding the issue with its sharingd process in its AirDrop encryption. They said to the iPhone maker that the encoded email addresses, phone numbers, and other sensitive user details can easily be deciphered.

Cybersecurity experts have been warning the American gadget maker regarding this issue since 2019. One of them was Alexander Heinrich of TU Darmstadt.

"We discovered two design flaws in the underlying protocol that allow attackers to learn the phone numbers and email addresses of both sender and receiver devices," he said to Apple in 2021.

Tech enthusiasts said that when a vulnerability is discovered, Apple usually releases updates and patches to fix these security flaws, especially if they can leak sensitive information.

However, experts believe Apple might not fix the sharingd process flaw in China since the Chinese government could pressure it not to do so. Beijing has been against AirDrop and other similar technologies that can hide information from Chinese citizens.

It even introduced a new law making anti-government material distribution illegal. This legislation also pressured Apple to require iPhone users to use their real names on their iOS smartphones.

Tags
China, Apple
Real Time Analytics