AirDrop: the dangers of file-sharing pranks with strangers – News

You are in a public place using your cell phone, texting or using social media. Unexpectedly, you receive a message via AirDrop: “John’s iPhone wants to share a photo”. João is not known, you can accept it or not, but it is necessary to understand the risks of this.

AirDrop is a feature present in Apple equipment that can be very useful in everyday life. The tool allows file sharing via Wi-Fi and Bluetooth in a simplified way, but is also useful for sending location, texts and images between Macs, iPhones and iPads.

The problem arises when the service is used in a negative and inappropriate way, either to carry out pranks or to send unwanted content and photos with the aim of causing inconvenience.

An example was the case of the “in-flight open bar promotion”, which went viral on TikTok. In the video shared on the social network, user Lucas Monteiro sent a fake image via AirDrop to the other passengers on the plane he was traveling on, asking them to say the name of the airline Latam aloud so that they could receive free drinks.

In the opinion of technology specialist and professor at FGV-RJ Arthur Igreja, the greatest risk of using AirDrop is accepting content from unknown persons that contain harmful files.

“Recently, I was on an airplane and a request came ‘Look, do you accept such a file from such a device?’, because if your device has ‘discovery’ open (AirDrop feature with active reception), the person can send this file and it can be anything, it can be harmful content”, says the professor.

Regarding the sharing of ‘malware’, a generic term for any malicious software, Avast’s senior mobile security engineer, Vojtěch Boček, reinforces that, although unlikely, there is a way to happen, as it is possible to transfer any content between two devices.

Church points out that the content may not be directly as a virus, but packaged in a sequence of files.

“You may receive a document that suddenly has a harmful link inside. So it doesn’t have to be a virus directly, but something that resembles a Trojan horse or similar strategy.”

According to the engineer, although AirDrop is a very secure way to send files, as it is encrypted and protected by Apple’s iCloud services, the feature has already failed.

“Last year, researchers discovered an information leak they dubbed ‘Aircollect’, in which attackers can collect the email and phone number of any device that is actively using AirDrop, within walking distance,” says the engineer.

Boček explains that ‘Aircollect’ appears to be a design flaw in the protocol, but that apparently Apple has not patched the vulnerability.

In this case, experts advise not to leave the cell phone ‘uncovered’, that is, keep the AirDrop feature with inactive reception, in addition to turning off Wi-Fi and Bluetooth if possible. It is also important to disable connections and automatic receipts.

“I always advise to use it in a specific way, that is, when you are going to use enable it, and check what you are authorizing and who you are authorizing”, he reinforces.

Android and other operating systems

But whoever believes that only Apple users should be careful with file sharing via Wi-Fi and Bluetooth is wrong. While Android, for example, doesn’t have a feature like AirDrop, which protects them against this particular leak of information, other proximity-sharing apps can be used.

“The ‘Blueborne’ exploit allowed anyone within range of a Bluetooth-enabled Android device to take control of the device if they had the right tools readily available,” recalls the Avast engineer.

Thus, the professor at FGV-RJ always recommends being cautious, which is valid for any type of operating system on any device, and being careful with which authorizations you made in the past, which sessions were open, with which other equipment you left your Wi-Fi, your routing pre-enabled.

“It’s these issues of granting access that are very critical and usually people don’t realize it, they go there and look and, suddenly, they created a hotspot (place where a wireless network can be used) on her cell phone without a password , with a standard or very obvious password, so everything there you are leaving an open door”, concludes the expert.

* Intern at R7under the supervision of Celso Fonseca

Source link

About Admin

Check Also

Nubank is depositing BRL 300 in customer accounts: see how to earn

The customers of Nubank, especially football fans, can receive various prizes from the digital bank …

Leave a Reply

Your email address will not be published. Required fields are marked *