China claims it cracked Apple's AirDrop to find numbers, email addresses
A Chinese state-backed research institute claims to have discovered how to decrypt device logs for Apple's AirDrop feature, allowing the government to identify phone numbers or email addresses of those who shared content.
China has a long history of censoring its people, requesting Apple block access to mobile apps, blocking encrypted messaging apps, such as Signal, and creating the Great Firewall of China to control what sites can be visited in the country. To get around censorship in the country, people turned to Apple's AirDrop feature, which doesn't require cellular service and uses Bluetooth and a private Wi-Fi network to send images and photos between devices.
Today, Bloomberg first reported that China's Beijing Wangshendongjian Judicial Appraisal Institute has discovered a way to extract the phone numbers, email addresses, and device names of those who sent and received an AirDropped image from device logs.
The institute says that they conducted this research after Apple AirDrop was used to send "inappropriate" comments in the Beijing subway. "After preliminary investigation, the police found that the suspect used the AirDrop function of the iPhone to anonymously spread the inappropriate information in public places," reads an announcement by the Chinese government. "Due to the anonymity and difficulty of tracking AirDrop, some netizens have begun to imitate this behavior. Therefore, it is necessary to find the sending source and determine its identity as soon as possible to avoid negative impacts."
Using rainbow tables, the researchers claim to have been able to reverse the hashes of these fields and gain access to the sender's information. China says it has already used this forensic capability to "identify multiple suspects involved in the case."
Bleeping Computer 01/09/2024