[flagged] Apple bleee. Everyone knows what’s on your iPhone (2020) (hexway.io)
98 points by transpute on Aug 13, 2023 | 40 comments



While the article is full of great insight into the features stated, the title is clickbait and doesn't match the content at all.


The title seemed to match the content pretty well based on my reading.

You can get personally identifiable info from an iPhone pretty easily given the methods described


If I am understanding the article correctly, this is unpatched and Apple haven't even had any warning as they've not disclosed any of this as they didn't consider it a vulnerability (I think I would disagree but haven't fully digested the article).

Edit - it's 3 years old, I'm guessing they have made some changes since.


> …[Apple] they didn't consider it a vulnerability…

Neither does the author, seemingly: "This behavior is more a feature of the work of the ecosystem than vulnerability."


Yes by they I meant the author, I would consider it information disclosure, this data is meant to be private and the designers have made an attempt to keep it that way.


Security by obscurity never works.


That’s going to be hard to prove.


The article is from 2020 so I’m curious: how much of this is still valid today?

Especially:

> Broadband BLE requests contain your data, namely, SHA256 hashes of your phone number, AppleID, and email. Only the first 3 bytes of the hashes are sent, but that's enough to identify your phone number

Is that a viable way of accessing someone’s phone number in 2023?


It's doable. Out of 100 million numbers here in Spain and 16 million possible 3-byte hashes, there will be 6 possible numbers for each 3-byte hash on average. That's low enough for trial and error.


Yes. Brute forcing it takes at most a few seconds on modern consumer hardware. Probably under a second, tbh.


There's always a hard balance to strike between security and usability, and it's impossible to get right. It seems that it's less Apple and more Bluetooth that the author is concerned about, and simply turning it off will prevent every issue listed. (And given the point of Bluetooth is to connect with devices around you, it seems reasonable to assume that people with it on would like these connections to happen.)

That being said, Apple does have modes which disable these features for people who are worried, including their Lockdown Mode: https://support.apple.com/en-by/guide/personal-safety/ipsd5b...


> Well, AirDrop seems to be less anonymous than we thought. It's possible to identify you: your phone sends out SHA256 your phone number hash to all the devices around you every time you hit Share.

It's wild that this hash isn't salted.


Either the salt has to be static for all phones in the area, or it has to be calculable, which in the end is pretty much the same as it is now.


What's the point? I'm serious. It's to send shit to potentially random people and your friends.


Targeted phishing attacks maybe?


How would salting work in this scenario? Both devices would have to share the salt, wouldn’t they?


You broadcast salt || SHA256(phone number || salt). If you know the original phone number, you can check whether it's a match.


And if you don’t know the phone number you can brute force that pretty easily and it’s all the same. How many bits of entropy are there on phone numbers?


All it does is marginally increase the cost of reverse engineering the sha2. Instead of having a rainbow table of every phone number’s salt, you generate one with that salt whenever you want to get the phone number it broadcasted.


Yeah and you probably won't even need to rainbow that because it's a pretty quick operation on a decent GPU. For example here in Spain we have only 100 million mobile numbers. That sounds like a lot but it's peanuts for a gpu. Going through the entire keyspace would take a fraction of a second because my 4090 can do 20 billion salted SHA256 hashes per second!


This doesn't seem any more secure than broadcasting SHA256(phone number).


The phone number part seems inexcusable but isn’t everything else pretty much necessary for a wireless data protocol like Bluetooth to work?


Surprising that Apple can devise an authentication method for the battery that is strong enough to prevent all 3rd party phone repairs whatsoever, but when it comes to wirelessly authenticating another iPhone for purposes of deciding whether to share or not your Wi-Fi password, then there's no check whatsoever...


I wish there was an Android app that emulated all these weird Apple ecosystem BLE handshake things. They're kinda nifty.


Turn off airdrop for non contacts? Turn off airdrop? Pretty misleading of them saying every time you click share instead of share with airdrop everyone can see some info.


My guess is that the SHA2 of the phone number is used for exactly this feature, so you can accept connections from your contacts only (your iPhone most likely already has a SHA2 calculated for each contact phone number) and ignore the rest.

Your phone will probably broadcast its hash in that scenario too.


Yes, very much so. It is also a mass generalization and a complete falsehood when the author makes bold claims like "Gen Z is using AirDrop to cheat". But they seem completely fine with their extremely generous claims.


I wonder if there have been any changes to this default behavior in the 5 years since.


Why is this flagged?


Voicing my suspicion will get my comment flagged as well I suspect, but consider the HN reader base, what they get paid to do, and come to your own biased conclusions like I did. Many here feel that an attack on 'free' data, or a top tech company, is an attack on their livelihood, and they are correct. Also the article is a bit overblown in many aspects which gives the clickbait anger response. Both, I feel, are valid reasons to flag this, even if I personally think many points in the post remain relevant.


Wow, not salting the phone number before hashing it was a pretty amateur move. Whoever did that made other mistakes... bank on it.


Assuming that there's some functionality by which if you know someone's phone number, you can identify them in some UI, how would you salt this?

Do you salt all the phone numbers with the same salt? Do you send out the salt and expect phones to respond with the salted hashes (in which case, how does this achieve anything?). Do you salt based on geographic location? (Again...) Do you make every phone use the same salt and try to hide it?


What would salting do? The sender would need to share the salt anyway. I guess it would eliminate a database of number hashes approach but brute forcing a salted phone number hash should not be a big problem in any case.


Salting would prevent an attacker from being able to find your phone number by hashing every possible phone number in your area code and comparing each hash with what they captured over the air.

Or am I misunderstanding something?


SHA-256 is designed to be quick to compute, so with salt and maybe some guessing of area code the match can be found within seconds. For salt to make a difference they’d need to use some intentionally slow hash functions, like bcrypt.


Not really. As the salt is known, they can still do this easily. They just can't make a rainbow table of it. That's the only thing salting really accomplishes.


You're overestimating how long it takes to brute force SHA256 all 10 digit phone numbers from scratch.


Just out of curiosity, took a look at some benchmarks and apparently an M2 MacBook Pro can hit 300MH/s easily. That would mean something like 30 seconds to hash the entire search space. I guess specialized GPU implementations can do a lot better.

Take this with a grain of salt though, I did not test the speed claim myself.
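Added example (not part of any comment in this thread, and not code from the article): the arithmetic the commenters cite, plus a small constructed keyspace showing that a salt broadcast next to the tag leaves the per-device search cost unchanged, which is why the replies point to a larger secret or a slow hash instead. The 200,000-number range, the function names and the 16-byte salt are assumptions for illustration; the rates are the ones quoted in the comments.

```python
import hashlib
import os

PREFIX_BYTES = 3  # the quoted article: only the first 3 bytes of the hash are sent

def tag(number: str, salt: bytes = b"") -> bytes:
    """Truncated SHA-256(number || salt), the construction proposed in the thread."""
    return hashlib.sha256(number.encode() + salt).digest()[:PREFIX_BYTES]

def expected_candidates(keyspace: int) -> float:
    """Average count of numbers sharing one truncated tag (anonymity-set size)."""
    return keyspace / 2 ** (8 * PREFIX_BYTES)

def seconds_to_enumerate(keyspace: int, hashes_per_second: float) -> float:
    """Time to hash every number once at a given rate."""
    return keyspace / hashes_per_second

def matching_numbers(observed: bytes, salt: bytes, numbers) -> tuple[list[str], int]:
    """Return the numbers whose tag equals `observed`, and the hashes computed."""
    hits, work = [], 0
    for n in numbers:
        work += 1
        if tag(n, salt) == observed:
            hits.append(n)
    return hits, work

def demo():
    # Constructed toy keyspace (200,000 made-up numbers), not real subscriber data.
    numbers = [f"6{n:08d}" for n in range(200_000)]
    owner = numbers[123_456]
    salt = os.urandom(16)  # assumed length; sent in clear alongside the tag
    unsalted = matching_numbers(tag(owner), b"", numbers)
    salted = matching_numbers(tag(owner, salt), salt, numbers)
    return owner, unsalted, salted

if __name__ == "__main__":
    owner, (hits_u, work_u), (hits_s, work_s) = demo()
    print(f"unsalted: {len(hits_u)} candidate(s), {work_u} hashes")
    print(f"salted:   {len(hits_s)} candidate(s), {work_s} hashes")
    print(f"100M numbers / 2^24 tags = {expected_candidates(100_000_000):.2f} per tag")
    print(f"10^10 numbers at 300 MH/s = {seconds_to_enumerate(10**10, 300e6):.0f} s")
```

Both runs compute the same number of hashes; the salt only rules out reusing a table across devices.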


> You're overestimating how long it takes to brute force SHA256 all 10 digit phone numbers from scratch.

Oooookay. I'll show myself out.

/s


Not sure why the sarcasm.

Security should not be implemented by anyone who is not a subject matter.

It's a subject where it's easy to sound informed while being completely wrong.

I'm of the opinion this should be a development interview question.

"How would you implement {security solution} from scratch" -- The only acceptable answer being refusal.



