Quite a feat
Reverse-engineering a comms protocol to uncover a privacy-invading bug, that's some impressive work.
Finding a solution when the vendor says there isn't one, that is downright awesome.
Go Team Darmstadt !
Apple's AirDrop has a couple of potentially annoying privacy weaknesses that Cupertino is so far refusing to address even though a solution has been offered. A bug-hunting team at Technische Universität Darmstadt in Germany reverse engineered AirDrop – iOS and macOS's ad-hoc over-the-air file-sharing service – and found that …
Put into context, its easier to just get a pastebin db dump from compromised sites, plenty to choose from, and some mind boggling huge datasets too
In any case, if someone is too muppet to turn off shit when its not in use, stupid them
I’ve come to learn that nothing is secure, what is it now, 30+ Years of ‘computing’ and we (they) still cant get it right?
You know, the lock on your front door can be picked?
Your car is not safe either, window can be smashed
Scan for Bluetooth devices in any office building (when such things exist again) and I guarantee you will see a dozen "xxxx's iPhone" pop up and probably a few Androids as well. The average user turns Bluetooth on so they can use their phone in the car and then never turns it off again. Even worse, the device name identifies who it belongs to in almost all cases. If you try explaining to them that is a security issue they will look at you as if you're wearing a sandwich board with "THE END IS NIGH!!!!" written on it.
On a similar note, one of my neighbours tried to connect to my Nvidia Shield by Bluetooth recently. Why are they trying to connect to a device they don't know called SHIELD? It could be anything and clearly was not their device yet they tried to connect 6 times in an hour. Security? Viruses? They've maybe heard of them.
The average user leaves bluetooth on full stop. It talks to their watch, their computer, their speakers, their headphones, their car, tracking beacons, all sorts of things. It is useful and turning it on and off a pain in the arse, especially when it will then stop things working without fucking about to turn it back on again.
You can see a device and a name, ok, now what? There is no added security risk there beyond any potential bluetooth vulnerability. (or are you a hitman looking for your target?) Do you turn off wifi all the time as well? What about the actual cellular connection? All making the attack surface bigger. It's a trade off, something too many security professionals don't seem to grasp properly.
Enjoy your sandwich board.
> It sounds like this exchange goes on before the recipient prompts for permission. Otherwise it wouldn't know that a transfer is requested.
Yes, that's correct.
So the black hat sniffs the boss' phone at some prior encounter and is able to subsequently pretend to be the boss.
Later, at the office, the black hat can pretend to be the boss and try and send further malware to an unsuspecting employee.
Except that employee shouldn't be unsuspecting because they will receive a notification of an Airdrop from the boss but the boss isn't in the room.
No, I think you misunderstand - the hack is happening before any transfer, which would prompt the user, is attempted (and, in fact, no transfer is ever attempted).
The hacker guesses a bosses email and starts the AirDrop protocol with the employee's phone. It effectively sends "Hi, I'm Big Boss's phone - can we talk?". If the employee has previously used AirDrop with the boss, their phone replies "Hi, Big Boss - long time no talk. Fred's phone here. What can I do for you today?".
At that point, the attacker knows the target's name is Fred (actually it knows their email). The attacker does not bother to continue the AirDrop engagement and the employee's phone never notifies Fred about it because the boss's phone never went on to actually ask for anything.
Later, the attacker can spear-phish the employee with the typical email: "Hi. BigBoss here. Shit has hit the fan with our project: full emergency here! I have had to go to our Berlin office to sort something out and they need you to arrange an immediate payment of $50,000 to their bank account which is ...".
The attack doesn't involve actually trying to send anything with AirDrop - the AirDrop weakness is just a way to gather information such as email addresses for later spear phishing attacks.
> Unfortunately, Apple uses the 20-year-old SHA-256 algorithm to perform the hashing. Thus, it's possible to crack the SHA-256 hash of an AirDrop user's phone number and discover the original digits in milliseconds,
Are they actually cracking the hash, or just brute-forcing the phone number until they get a matching hash?
Because if they are brute-forcing the phone number then it doesn't matter what hash function is used. They will all be equally vulnerable.
Could anybody point me to a link explaining how an SHA256 hash can be cracked in milliseconds?
The fact the phone number is all digits and in a known format is clearly the real problem here, and there's no way to effectively encrypt it.
What they could do is add some junk to the phone number to make reversing it a lot more difficult - let's say instead of sending just digits each digit was preceded by a random letter A-Z that told the number of junk characters that would follow (A=1, B=2 etc.) so you hash a much larger string removing the known format shortcut to reversing it, but it would still match the stored hash for that phone number on the other device. You'd add some junk at the end too so all numbers are the same length regardless of how much junk between the digits there is.
Same thing for email, to avoid the "@gmail.com" type known plaintext problem.
If you wanna go fast, make a rainbow table. Stupid easy for the space of valid phone numbers.
Good news is with just a couple of clicks you can turn off Airdrop when you are not actually using it. Any your Bluetooth was probably helping beacons track and spy on you anyway.
Generally if people are airdropping stuff at you and not asking you with actual words, you might not want what their sending anyway.
...unless you are collecting evidence of harassment for a lawsuit, in which case that dick pick their trying to send may be the golden ticket to a generous out of court settlement.
This post has been deleted by its author
It's in the paper - I had the same question.
They're just brute-forcing it, going through the entire keyspace, which takes "seconds on a PC". The "milliseconds" bit is because they're guessing that users in Austria have austrian numbers, and then using what they know about Austrian numbers to reduce the search space.
@DS999 adding noise isn't going to help here - it's a blind exchange, so both parties start with zero knowledge of eachother. The only way to share information like _which_ noise to add is a public key exchange, which is bit wordy (although I expect they'll have to go down this route now).
Put another way, you can change the digit "3" for "super-diddlesticks" or add some sort of predefined function on the numbers, but you're still only working with 10^7 or however many possibilities. You'll always be able to search them exhaustively.
Someone has to be within bluetooth range for this so I'll live with it I guess. But nice research, boffins!
Researchers at Google's Project Zero found an iOS zero-click radio proximity exploit and published their work which incuded a facinating deep-dive into how the network protocol works if you're interested in this sort of thing.