What you should know
- The Chinese government claims to have developed a method to identify senders of messages via Apple‘s encrypted AirDrop feature.
- The Beijing Judicial Appraisal Institute, which developed the hack, suggests it has improved the efficiency and accuracy of case-solving and can prevent the spread of inappropriate or harmful content.
- A case study revealed the AirDrop encryption crack involved analyzing iPhone device logs to find records related to AirDrop, including the sender’s device name, email address, and mobile phone number.
- The development of this hack by a Chinese government entity raises concerns about privacy and freedom of expression, as it could potentially be used to identify and act against individuals disseminating undesirable or anti-government information.
Full Story
The Chinese government is boasting that it’s cracked the code. They say they’ve found a way to identify folks who send messages via the iOS AirDrop feature. This is despite Apple’s encryption.
A government institute in Beijing developed this state-sponsored hack. They’re pretty proud of it, too. They’re saying it’s made police work easier by helping to identify suspects, according to Bloomberg.
Beijing’s Judicial Appraisal Institute has been talking about it. They said that the “forensic appraisal of the case of improper information disseminated through ‘airdrop’ on mobile phones broke through the technical difficulties of anonymous traceability through AirDrop.” They’re claiming it’s a game-changer.
They say it improves the efficiency and accuracy of solving cases. It also helps prevent the spread of inappropriate remarks and potential bad influences.
A case study revealed the AirDrop encryption crack. It was developed by the Chinese forensic institute. The case involved improper messages, like the one you see in the headline image.
These messages were sent on the metro to anyone who had their iPhone feature turned on. The Beijing Wangshendongjian Forensic Appraisal Institute got to work. They created a 10-person team to apply the hacking knowledge.
This team included 6 forensic engineers. They used relevant certified equipment. The technical experts from the institute conducted an in-depth analysis of iPhone device logs. They found records related to AirDrop.
After inspection, they found that the sender’s device name, email address, and mobile phone number were recorded in hash values. Some of the hash value fields were hidden. To crack this field, the team created a detailed “rainbow table” of mobile phone numbers and email accounts. This table can convert the cipher text into original text and quickly lock the sender’s mobile phone number and email account.
So, the big news is that a Chinese government entity has managed to crack Apple’s AirDrop messaging encryption. They can now identify message senders and act accordingly.
Apple has been in hot water in China before over the AirDrop feature. They added the option to change the receiving threshold to contacts only after 10 minutes of inactivity. The Chinese government demanded this change. Protestors were using AirDrop to spread anti-government messages and posters.
Apple added the “contacts only” switch to iPhones worldwide. Now, under the guise of stopping improper message dissemination on the metro, China has seemingly devised a hack. They can now identify senders of undesirable information. This could have a chilling effect on anyone who’d like to exploit this messaging avenue for whatever purposes.