AirDrop and Quick Share vulnerabilities affect protocols on five billion devices as fixes begin.

What Happened

Researchers at the CISPA Helmholtz Center for Information Security have discovered six vulnerabilities in Apple's AirDrop and Google/Samsung's Quick Share proximity file-transfer protocols. The team, led by Arash Ale Ebrahim and Nils Ole Tippenhauer, reverse-engineered the application-layer protocols, built a custom fuzzer for AirDrop, and ran targeted analysis on Quick Share. Their work is the first cross-platform look at how both stacks behave above the radio layer.

The researchers found that an attacker needs only to be within wireless range (typically 10-30 meters) of a device to trigger the vulnerabilities. No pairing, contact exchange, or shared network is required. The team discovered three pre-authentication issues in macOS/iOS AirDrop and two protocol-layer flaws in Samsung Quick Share.

Background and Context

Proximity-based file transfer is a fundamental feature of modern mobile and desktop operating systems. Apple's AirDrop, introduced in 2011, and Google's Nearby Share (now Quick Share), launched in 2020, collectively serve over five billion active devices. These protocols enable ad hoc peer-to-peer file transfer between nearby devices over a combination of Bluetooth Low Energy (BLE) for discovery and Wi-Fi for data transfer.

From a security perspective, proximity transfer protocols present a compelling attack surface. The attacker need only be within wireless range, and the initial protocol phases (service discovery and connection establishment) can be exploited to gain access to sensitive information or disrupt device functionality.

Why It Matters to the Industry

The vulnerabilities discovered in AirDrop and Quick Share have significant implications for adult-industry platforms and operators. The proximity-based nature of these protocols makes them attractive targets for attackers seeking to exploit sensitive information or disrupt device functionality. In the context of adult content, this could lead to unauthorized access to sensitive data, such as performer identities or payment information.

The use of AirDrop and Quick Share in public spaces also raises concerns about unwanted interactions and privacy leaks. As noted by Surfshark, "AirDrop is generally safe to use thanks to Apple's strong encryption and security design." However, the researchers' findings highlight the importance of secure configuration and user awareness when using these protocols.

What Comes Next

The researchers have responsibly disclosed their findings to Apple, Samsung, and Google. The companies have acknowledged the reports, and fixes are reportedly underway. In the meantime, users and platform operators should be aware of the potential risks associated with AirDrop and Quick Share and take steps to mitigate them.

Key Facts

  • The vulnerabilities affect over five billion active devices running Apple's AirDrop or Google/Samsung's Quick Share protocols.
  • An attacker needs only to be within wireless range (typically 10-30 meters) of a device to trigger the vulnerabilities.
  • Three pre-authentication issues were discovered in macOS/iOS AirDrop, and two protocol-layer flaws were found in Samsung Quick Share.
  • The researchers built a custom fuzzer for AirDrop and ran targeted analysis on Quick Share as part of their research.
  • Apple, Samsung, and Google have acknowledged the reports and are reportedly working on fixes.

Conclusion

The discovery of vulnerabilities in AirDrop and Quick Share highlights the importance of secure configuration and user awareness when using proximity-based file-transfer protocols. As the adult industry continues to rely on these technologies, platform operators and users must be vigilant in addressing potential risks and ensuring the security of sensitive information.