Hacker News new | past | comments | ask | show | jobs | submit login
China Says It Cracked Apple AirDrop to Identify Message Sources (bloomberg.com)
11 points by impish9208 on Jan 9, 2024 | hide | past | favorite | 21 comments



Title is a bit incorrect though the body quickly clarifies. They claim they’ve cracked the log encryption on device, not the protocol itself.

> The Beijing institute developed the technique to crack an iPhone’s encrypted device log to identify the numbers and emails of senders who share AirDrop content

It would require unfettered access to a device/backup or probably a zero day to bootstrap it. Both are things I suspect they’d try, but it does change the substance of the claim significantly, as well as ease of updating encryption techniques for OS updates.



There's not much "cracking" involved. The sender's (hashed) email address and phone number are just part of the protocol. This has been publicly documented by Apple for several years now:

https://support.apple.com/guide/security/sec2261183f4/web

Given the low entropy of phone numbers, building a dictionary of all possible phone number hashes (and all known email hashes, or just every possible alphanumeric combination under a certain length) is trivial.


This is not new at all. I did this 2-3 years back to find the phone number of some teachers/classmate with some random open source tool on GitHub.


Related: Apple limits AirDrop 'Everyone' option to 10 minutes in China (https://techcrunch.com/2022/11/09/apple-limits-airdrop-every...)


Where is the source of this "Bejing institute"'s claim? That can at least show that they "claim" it "on behalf of" (the government of) China.

Is it me or the title seems problematic?



Why would they publicly announce that?


To make people nervous about doing it, whether they are somewhere that they are somewhere they are being heavily monitored like a parade, or out with friends some night on a side street. Telling people there is a chance they could get caught goes a lot farther than catching a few in secret.


If they do not have a good way of catching people this thinking makes sense. As a deterrent. Assuming they could easily catch them, it's more logical to do so and find out what subversive stuff people are sending each other. They can also blackmail those who get caught into giving up more info about their friends and networks. Gives them a lot more control vs warning people that airdrop is compromised. Thanks CCP, that's good to know for anyone who's active against the government :)

I do agree with your take but I think they're lying.


I'd wager that most Chinese citizens are aware that the government monitors most domestic communications and sends thousands of warrants to Apple every year. It's really not that different in America, given how people joke about the FBI agent in their cellphone with disquieting regularity. If you're a target of either government, your brand allegiance doesn't matter when the white van shows up outside.

China could be lying, but it seems like they already have a high degree of control over domestic electronics. Demonstrations like this are probably more valuable as a threat to political whistleblowers than as an exploit to learn what they likely already know.


Why bother catching and jailing all those people if you can scare them from their criminal acts in the first place? The Party wants to stop criticism; arresting people for it after-the-fact doesn't undo whatever damage the Party perceived to itself, whereas scaring them prevents the criticism entirely. And scaring people is a lot more scalable than arresting them.


That's what I'm saying. It's far more valuable to use Airdrop surveillance as a deterrent than it is to actually try gaining intelligence on systems they already control.


Under Xi the regime has become ever more authoritarian. Chinese citizens are aware of the surveillance but dissidents have been using airdrop for a while now to share anti-government media and information anonymously with random strangers in crowded places, like the subway. The kind of stuff they'd previously share on the internet but which has become too risky.

This has been a thorn in the Party's eye for some time now. If it's true and they cracked it, it would mean the final major way Chinese residents can share information outside of government control is gone. I wouldn't take their word for it though. Announcing it just means Apple would work on a fix. So why not keep it secret and exploit the vulnerability?


> If it's true and they cracked it, it would mean the final major way Chinese residents can share information outside of government control is gone.

Airdrop was the final way? That sounds unlikely. With iPhone marketshare in China at like 20% I would be surprised if it was even the current primary way, let alone the only way.


> Announcing it just means Apple would work on a fix.

Bold of you to assume Apple stands up to government surveillance: https://www.macrumors.com/2023/12/06/apple-governments-surve...


Except that this doesn't make things much harder for those willing to share.

If you use your main phone, connected to your sim card - sure it's easy to identify you. OTHO you can just get a burner iPhone 6 or something similar at a flea market, keep it off the Wi-Fi/cellular network and still run the airdrops with little risk of your real id being leaked.


> it would mean the final major way

Highly doubt that.



This seems to be getting published everywhere like it's new, and maybe it's a new exploit, however a group was able to do this in 2021 (which was fixed, so not clear if this is a new exploit): https://cyberhoot.com/blog/apple-airdrop-vulnerability/


This is indeed not new. In fact, it’s documented by Apple that AirDrop reveals a hash of the sender‘s email address and phone number. Reversing these is trivial (for the phone number)/usually doable (for the email address).




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: