This is a very good article that explains what airdrop is and what the problem is. I’m not an iphone user so I had no clue about any of it before.
I remember sending pictures to friends since bluetooth was on dumb phones, but apple really needs their own special name.
I keep airdrop off primarily for battery conservation and to avoid false/prank drops, but it’s nice to know I’ve been avoiding this risk as well.
Unfortunately most iPhone users I know forget airdrop even exists and it just stays on constantly.
On the bright side, it only affects people who actually use the feature, so as long as your friends aren’t being actively followed or AirDropping something in the middle of a protest, you’re probably fine.
It does, however, mean you might not want to accept random stuff…
researchers… have used these vulnerabilities to help police to identify the sender of “unauthorized” AirDrop materials, using a technique based on rainbow tables.
Why not just add a timestamp that rotates every, say 5 seconds, to the hashed data?
That would make it infeasible to precompute the table permanently (it would have to be precomputed for a very narrow attack window, which is still better than nothing)