The Chinese government announced it was able to crack Apple’s AirDrop to prevent “people with malicious purposes” from “transmitting illegal pictures, videos, audio, and other files.” The information was first spotted by Bloomberg.
In an online post, the Chinese state-backed institution praises this “technological breakthrough,” as it can now identify people sending AirDrop in public places by their e-mails and phone numbers and block their devices.
Interestingly, this discovery will now worsen public surveillance in the country. In November 2022, Apple already limited AirDrop usage in China as anti-government activists spread political information during riots. At the time, the “Everyone” option was turned off after 10 minutes.
After some backlash, Apple implemented this limitation as a feature for users across the globe with iOS 16.2.
Here’s how China was able to crack AirDrop
According to the government, it was able to extract and analyze AirDrop’s records. It was found that the fields related to the sender’s device name, e-mail address, and mobile phone number are recorded as hash values, and some fields related to the has value were hidden.
To crack this, the technical team behind this discovery created a “rainbow table” of mobile phone numbers and e-mail accounts, which can convert the cipher text into original text and quickly lock the sender’s mobile phone number and e-mail account.
At this time, it’s unclear if Chinese authorities can block activists’ phones who send AirDrop files during riots – or people pranking others at the subway – by distance or if they can only get this data in controlled environments.
Still, if these phones are apprehended, it’s possible that they can discover someone sending “illegal pictures” to others.
Apple hasn’t commented on this matter, and it’s unclear if the company could patch this security flaw. Since China plays a significant role in the company’s supply chain, it’s more likely that Cupertino will “forget” about it, as it usually complies with China’s censorship in apps, movies, books, and more.
