Mike Snider, *USA Today*, 24 Apr 2021, via ACM TechNews, 26 Apr 2021

Scammers could exploit a bug in iPhones and MacBooks' AirDrop feature to
access owners' email and phone numbers, according to researchers at
Germany's Technical University of Darmstadt (TU Darmstadt). AirDrop allows
users with both Bluetooth and Wi-Fi activated to discover nearby Apple
devices, and share documents and other files; however, strangers in range of
such devices can extract emails and phone numbers when users open AirDrop,
because the function checks such data against the other user's address book
during the authentication process. The researchers said they alerted Apple
to the vulnerability nearly two years ago, but the company "has neither
acknowledged the problem nor indicated that they are working on a solution."
They recommend users disable AirDrop and not open the sharing menu, and to
only activate the function when file sharing is needed, then deactivate it
when done.


By admin