Security Researchers Alerted Apple to AirDrop Vulnerabilities in 2019, as Chinese Authorities Exploit Flaws
Researchers revealed that they warned Apple about potential vulnerabilities in its AirDrop wireless sharing feature as early as 2019, a revelation that comes in the wake of Chinese authorities allegedly using the flaws to track users of the tool. The security concerns surrounding AirDrop, which enables Apple users to share files wirelessly, have raised global privacy implications.
The Chinese government claims to have exploited AirDrop vulnerabilities to track users on the Beijing subway, raising concerns about Apple’s apparent inaction to address the flaws. AirDrop, a tool widely used by Apple customers worldwide for sharing photos and documents, has been previously utilized by pro-democracy activists in Hong Kong.
A Chinese tech firm, Wangshendongjian Technology, reportedly compromised AirDrop to identify users accused of sharing “inappropriate information” on the Beijing subway, according to judicial authorities in Beijing. The Chinese government’s actions have sparked internet freedom advocates to urge Apple to promptly and transparently address the security issue.
Despite the Chinese government portraying the exploit as an effective law enforcement technique, U.S. lawmakers, including Sen. Marco Rubio, have expressed concerns. Rubio called on Apple to act swiftly, emphasizing that the security breach could be exploited by Beijing to target any perceived opponents among Apple users.
German researchers at the Technical University of Darmstadt discovered the flaws in 2019 and claim to have informed Apple, but the company allegedly did not act on the findings. The researchers proposed a fix for the issue in 2021, but Apple did not implement it. The vulnerabilities reportedly allow the unauthorized collection of basic identifying information transferred between two Apple devices using AirDrop.
Privacy advocates and lawmakers argue that Apple must be held accountable for failing to safeguard its users against such security breaches. The revelation raises concerns about Apple’s relationship with China and the potential for authoritarian regimes to exploit U.S. tech products for their own purposes.
As the news emerges, Apple faces pressure to address the security flaws promptly. The implications extend beyond technical challenges, with potential political ramifications and the risk of further cooperation demands from Chinese authorities, who are already leveraging the disclosed vulnerabilities.
