苹果 2019 年就从研究者那里知道了此事,至今没有改变。
https://www.ithome.com/0/548/301.htm
当用户启动 AirDrop 功能时,苹果会将用户电话号码、电子邮箱以加密形式传播到其 Wi-Fi 和蓝牙范围内,以检测附近可连接设备。如果用户与另一设备通过 AirDrop 匹配成功,双方将会交换电话和电子邮件信息的完整的加密散列( SHA-256 散列)。
https://arstechnica.com/gadgets/2021/04/apples-airdrop-leaks-users-pii-and-theres-not-much-they-can-do-about-it/
To determine if the device of a would-be sender should connect with other nearby devices, AirDrop broadcasts Bluetooth advertisements that contain a partial cryptographic hash of the sender's phone number and email address. If any of the truncated hashes matches any phone number or email address in the address book of the receiving device or the device is set to receive from everyone, the two devices will engage in a mutual authentication handshake over Wi-Fi. During the handshake, the devices exchange the full SHA-256 hashes of the owners' phone numbers and email addresses.
向 Wi-Fi 广播电话号码的 SHA-256 ?想出来这个办法的人真是天才(天杀的蠢材)。
https://www.ithome.com/0/548/301.htm
当用户启动 AirDrop 功能时,苹果会将用户电话号码、电子邮箱以加密形式传播到其 Wi-Fi 和蓝牙范围内,以检测附近可连接设备。如果用户与另一设备通过 AirDrop 匹配成功,双方将会交换电话和电子邮件信息的完整的加密散列( SHA-256 散列)。
https://arstechnica.com/gadgets/2021/04/apples-airdrop-leaks-users-pii-and-theres-not-much-they-can-do-about-it/
To determine if the device of a would-be sender should connect with other nearby devices, AirDrop broadcasts Bluetooth advertisements that contain a partial cryptographic hash of the sender's phone number and email address. If any of the truncated hashes matches any phone number or email address in the address book of the receiving device or the device is set to receive from everyone, the two devices will engage in a mutual authentication handshake over Wi-Fi. During the handshake, the devices exchange the full SHA-256 hashes of the owners' phone numbers and email addresses.
向 Wi-Fi 广播电话号码的 SHA-256 ?想出来这个办法的人真是天才(天杀的蠢材)。
Select Language