According to a report by CNN, security researchers have disclosed that Apple was informed of vulnerabilities in its AirDrop feature as early as 2019.
The flaws, which Chinese authorities allegedly exploited to track users, have raised concerns about Apple’s response and its relationship with China. Chinese authorities claim to have cracked down on AirDrop, targeting pro-democracy activists in Hong Kong.
Benjamin Ismail, from Greatfire.org, emphasized the importance of Apple’s response, urging them to secure AirDrop against vulnerabilities. The exploit has also alarmed US lawmakers, with Senator Marco Rubio calling for immediate action to address the security breach.
Despite warnings from Germany-based researchers in 2019 and a proposed fix in 2021, Apple reportedly did not address the identified flaws. The Chinese authorities’ claim aligns with the techniques identified by the researchers in 2019.
While AirDrop’s device-to-device communication is typically secure, the lack of additional privacy measures, such as “salting,” made it easier for unauthorized parties to reverse-engineer encrypted data.
The Chinese tech firm responsible for the exploit, Qi An Xin, has a history of collaboration with Chinese law enforcement. Researchers say the intentional disclosure of the exploit by Chinese authorities may deter dissidents from using AirDrop.
Experts also speculate that Apple may face retaliation from Chinese authorities if it attempts to fix the issue, given China’s significant role as the largest foreign market for Apple.
This revelation not only poses a technical challenge for Apple but also a tough political problem, as China could leverage the exploit to force cooperation with security or intelligence demands.
