This is a very good article that explains what airdrop is and what the problem is. I’m not an iphone user so I had no clue about any of it before.
I remember sending pictures to friends since bluetooth was on dumb phones, but apple really needs their own special name.
There was a thing called Bump like a decade ago that just disappeared for some reason. Android also had a way to stick phones together and you could just send whatever you had on your screen.
And ever since, sharing between people has become so difficult, nobody uses it. I don’t understand why it’s had to be this was and that only just now Google and Samsung are getting it together with Nearby Share.
You can still open Nearby Share on the sender phone and touch it on the other phone to start sending.
I keep airdrop off primarily for battery conservation and to avoid false/prank drops, but it’s nice to know I’ve been avoiding this risk as well.
Unfortunately most iPhone users I know forget airdrop even exists and it just stays on constantly.
On the bright side, it only affects people who actually use the feature, so as long as your friends aren’t being actively followed or AirDropping something in the middle of a protest, you’re probably fine.
It does, however, mean you might not want to accept random stuff…
researchers… have used these vulnerabilities to help police to identify the sender of “unauthorized” AirDrop materials, using a technique based on rainbow tables.
Why not just add a timestamp that rotates every, say 5 seconds, to the hashed data?
That would make it infeasible to precompute the table permanently (it would have to be precomputed for a very narrow attack window, which is still better than nothing)