iPhone AirDrop message senders can now be identified as Beijing cracks Apple encryption logs
The Chinese government claims that it has found a way to identify those who send messages via the iOS AirDrop feature, despite Apple's encryption. The government institute in Beijing that developed the state-sponsored hack bragged that it has facilitated police work by making suspect identification easier, reports Bloomberg.
According to Beijing's Judicial Appraisal Institute, the "forensic appraisal of the case of improper information disseminated through 'airdrop' on mobile phones broke through the technical difficulties of anonymous traceability through AirDrop, improves the efficiency and accuracy of case-solving and prevents the spread of inappropriate remarks as well as potential bad influences."
The case study that revealed the AirDrop encryption crack developed by the Chinese forensic institute involved improper messages, like the one you see in the headline image, sent on the metro to everyone nearby who had the feature turned on on their iPhones. The Beijing Wangshendongjian Forensic Appraisal Institute got to work and created a 10-person team to apply the hacking knowledge, including 6 forensic engineers and the relevant certified equipment:
Forensic technical experts from the Beijing Wangshendongjian Forensic Appraisal Institute conducted an in-depth analysis of iPhone device logs to clarify the transmission principle and found records related to AirDrop. After inspection, it was found that the fields related to the sender's device name, email address, and mobile phone number were recorded in the form of hash values, and some of the hash value fields were hidden. In order to quickly crack this field, the technical team created a detailed "rainbow table" of mobile phone numbers and email accounts, which can convert the cipher text into original text and quickly lock the sender's mobile phone number and email account.
Needless to say, the big news here is that a Chinese government entity has somehow managed to crack Apple's AirDrop messaging encryption in order to identify message senders, then act accordingly. Apple has been in hot water about the AirDrop feature in China before, when it added the option to change the receiving threshold to contacts only after 10 minutes of inactivity.
The Chinese government demanded the change because of protestors who used AirDrop to disseminate antigovernmental messages and posters, but then Apple added the "contacts only" switcheroo to iPhones worldwide, too. Now, under the pretext of stopping improper message dissemination on the metro, China has seemingly devised a hack to identify senders of undesirable information, which should have a chilling effect on anyone who'd like to exploit this messaging avenue for whatever purposes.
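The institute's description of hashed phone numbers and a precomputed table comes down to hashing identifiers drawn from a small, enumerable space. The following is an added example, not code from the institute, Apple or the original article, showing why an unkeyed digest of a phone number does not hide it while a keyed digest does. SHA-256, the fictional `+0055500` prefix, the 4-digit toy keyspace and all function names are assumptions of the example.

```python
import hashlib
import hmac
import math

# Constructed toy keyspace: one fictional prefix plus a 4-digit suffix, so the
# demo runs instantly. Real numbering plans are larger but still finite.
PREFIX = "+0055500"
SUFFIX_DIGITS = 4


def candidates():
    """Enumerate every identifier in the constructed keyspace."""
    for n in range(10 ** SUFFIX_DIGITS):
        yield f"{PREFIX}{n:0{SUFFIX_DIGITS}d}"


def plain_digest(identifier: str) -> str:
    """Unsalted, unkeyed digest (SHA-256 is an assumption of this example)."""
    return hashlib.sha256(identifier.encode()).hexdigest()


def keyed_digest(identifier: str, key: bytes) -> str:
    """Keyed digest: cannot be precomputed by anyone who lacks `key`."""
    return hmac.new(key, identifier.encode(), hashlib.sha256).hexdigest()


def build_table() -> dict:
    """Precompute digest -> identifier for the whole keyspace."""
    return {plain_digest(c): c for c in candidates()}


def recover(logged: str, table: dict):
    """Return the identifier behind a logged digest, or None if absent."""
    return table.get(logged)


def keyspace_bits(free_digits: int) -> float:
    """Entropy in bits of a uniformly random number with that many digits."""
    return free_digits * math.log2(10)


if __name__ == "__main__":
    table = build_table()
    sender = PREFIX + "0042"          # constructed sample value
    device_key = b"\x01" * 32         # stand-in for a per-device secret
    print("unkeyed:", recover(plain_digest(sender), table))
    print("keyed:  ", recover(keyed_digest(sender, device_key), table))
    print("11 free digits =", round(keyspace_bits(11), 1), "bits")
```

Even with 11 free digits the space is under 37 bits, far below what a digest needs to resist enumeration, which is why the mitigation is a secret key or salt rather than a different hash function.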