China Cracks Apple Private Protocol — AirDrop Pwned
2024-1-11 01:32:24 Author: securityboulevard.com(查看原文) 阅读量:22 收藏

1989 Tiananmen Square “Tank Man” image, with the text “inappropriate speech” superimposedChinese citizens using peer-to-peer wireless comms “must be identified.”

The Beijing Bureau of Justice claims it can trace senders of Apple AirDrop messages. Chinese protesters have been using this iPhone protocol to privately spread memes of dissent against the regime. And the Party isn’t fond of that.

But, as it turns out, AirDrop isn’t as anonymous as they thought. In today’s SB Blogwatch, we taste the rainbow (table).

Your humble blogwatcher curated these bloggy bits for your entertainment. Not to mention: MV history.

AirDrop Hashing is Weaksauce

What’s the craic? Yuanyue Dang reports from Beijing (via Honkers)—“China forensic firm cracks Apple’s AirDrop to help Beijing police track senders”:

Avoid bad influence
A Beijing-based forensics firm has helped police to track down people using Apple’s AirDrop feature to send “inappropriate speech,” according to the Chinese capital’s Bureau of Justice. … The bureau said forensic firm Beijing Wangshendongjian … had “broken through the technical difficulties of tracing anonymous AirDrops,” [and] “prevented the further spread and potential bad influence of inappropriate speech” on the Beijing subway, when a passenger’s iPhone received an unacceptable video via AirDrop.

“Due to the anonymity of AirDrop and the difficulty of tracking it, some netizens have already started to follow this behaviour, so the source of the transmission must be identified as soon as possible to avoid bad influence,” the article said. Because the feature could be used without an internet connection, it was difficult for police to regulate “through conventional internet surveillance means.”

What’s going on? Lawrence Abrams has more background—“China claims it cracked Apple’s AirDrop”:

Anti-Xi messages
China has a long history of censoring its people, requesting Apple block access to mobile apps, blocking encrypted messaging apps, such as Signal, and creating the Great Firewall of China to control what sites can be visited. … To get around censorship … people turned to Apple’s AirDrop feature, which doesn’t require cellular service and uses Bluetooth and a private Wi-Fi network to send images and photos.

During the 2019 pro-democracy protests in Hong Kong, protesters frequently used AirDrop to share pamphlets and posters. In 2022 … protestors again turned to AirDrop to spread awareness of protests and anti-Xi messages. Soon after, Apple released iOS 16.1.1, which limited the ability to receive AirDropped images from “Everyone” … for phones sold in China.

The firm speaks of rainbow table attacks on device logs. Which raises two big questions. 93 Escort Wagon drives the point home: [You’re fired—Ed.]

1) Does this imply Apple is not using salt, or is doing it incorrectly?

2) Since this involves accessing the device logs, would it work on non-Chinese-owned iPhones? I didn’t think the iPhone’s logs were generally accessible; but I also assume Chinese citizens are required to have additional software on their phones that gives the government more access.

But lxgr looks to a simpler answer:

There’s not much “cracking” involved. The sender’s (hashed) email address and phone number are just part of the protocol. This has been publicly documented by Apple for several years. … Given the low entropy of phone numbers, building a dictionary of all possible phone number hashes … is trivial.

It’s all Apple’s fault? Lollapalooza certainly thinks so:

Apple is totally dependent on China and is desperately trying to diversify out. They put all their eggs in one totalitarian basket. One wonders how much China “cracked” this and how much they were helped under the table to keep from making Apple’s life in China more difficult.

And Rosco P. Coltrane agrees:

I wonder if Apple helped Chinese authorities a bit? You know: A technical hint or two in passing, just so that they can continue having their products manufactured by Foxconn without difficulties while their Indian sweatshops are ramping up.

What should Apple do now? Here’s Edison Wrzosek:

If Apple doesn’t patch this … it will set a dangerous precedent for the rest of the oppressive governments around the world. … I hope Apple gives the CCP the well deserved middle finger and locks it down.

But is Apple even listening? 9secondkox2 suspects not:

Are you listening yet, Apple? … They are just throwing it in your face, publicly—bragging about it. … Time to leave China.

But here is Apple: “Oh, we will comply with applicable regional law.” Even when it violates basic human rights. … Shameful all the way around. I [am] completely baffled by their hypocrisy.

Wait. Pause. Why would China announce the capability, rather than keep it a secret? chatmasta explains:

Why bother catching and jailing all those people if you can scare them from their criminal acts in the first place? The Party wants to stop criticism—arresting people for it after-the-fact doesn’t undo whatever damage the Party perceived to itself, whereas scaring them prevents the criticism entirely. And scaring people is a lot more scalable than arresting them.

Meanwhile, iPay snarks it up:

So—Apple should give a bug bounty to China, right?

And Finally:

Wot, no Bohemian Rhapsody?

CW: Flashing lights, Jay Kay’s hat, Michael Jackson.

Previously in And Finally


You have been reading SB Blogwatch by Richi Jennings. Richi curates the best bloggy bits, finest forums, and weirdest websites … so you don’t have to. Hate mail may be directed to @RiCHi, @richij or [email protected]. Ask your doctor before reading. Your mileage may vary. Past performance is no guarantee of future results. Do not stare into laser with remaining eye. E&OE. 30.

Image sauce: U.S. Department of State

Recent Articles By Author


文章来源: https://securityboulevard.com/2024/01/china-apple-airdrop-richixbw/
如有侵权请联系:admin#unsafe.sh