In the five billion device problem, check out these AirDrop and Quick Share options

Many users use Apple AirDrop or Android Quick Share to send photos and share files. New research, however, reveals security flaws in both features that could affect more than five billion iPhones, Androids, and other compatible devices worldwide.

A total of three vulnerabilities were found in the Apple AirDrop feature. An attacker located approximately 10 to 30 meters away can send specially crafted packets and cause the AirDrop background service to stop working.

AirDrop and Quick Share vulnerabilities do not steal data, but they can block multiple system functions

The attack does not require prior pairing of devices, connection to the same Wi-Fi network, or user approval.

The problem is that the same background service uses not only AirDrop, but also AirPlay, Handoff, Universal Clipboard and Continuity Camera. If the service stops working, at the same time all these functions related to authorization may become unavailable.

READ ABOUT:  Do you share your digital game collection with anyone?

If the attacker continues to send packets of malicious data, said services may remain blocked as long as the attack lasts. It is important to emphasize that the flaws found do not allow the theft of photos, files or other personal data from the device. An attacker also cannot directly take control of the phone.

It is primarily a denial of service attack, i.e. a DoS attack, whose goal is to temporarily disable certain functions, not to cause data theft.

Similar problems were found in Android’s Quick Share feature. Vulnerabilities related to bypassing identity verification and memory management are reported.

Apple and Google have already patched some of the discovered vulnerabilities, but users are still advised to check the data sharing settings on their devices.

READ ABOUT:  Announced Hard West II, we’re playing it on PC as early as this year

AirDrop and Quick Share should not be set to “Everyone” at all times. A more secure setting is “Contacts Only”. When functions are not needed, it is best to turn them off completely. This reduces the possibility of the device responding to unwanted requests from close range.

For the majority of users, the mentioned failures are primarily an inconvenience, and not a serious threat to private data. However, a simple change of settings can further reduce the risk of blocking the functioning of AirDrop, Quick Share and related system functions, writes mydrivers.

Source link