16 August 2019
Apple devices come with tons of features that are aimed at improving the user experience. AirDrop and WiFi sharing are two such features which make sharing files and WiFi password respectively quite convenient and easier. But as discovered and reported by a security research firm Hexway, these features seem to be sharing more than what you might have agreed to or are aware of.
Both AirDrop and WiFi sharing features rely on Bluetooth connectivity for accomplishing their respective tasks. To be specific, Bluetooth LE is the technology that is used to transfer data packets between devices. The shared information includes details related to the user's devices including even the phone number.
Since Bluetooth LE is at the heart of the situation, the leaked information can be obtained even if you are not using features like AirDrop or WiFi sharing and simply have Bluetooth turned on. These details include the operating system version, phone status, WiFi status, battery level, and charging status. It is worth noting that this situation is not limited to iPhones and is also applicable to iPads, Mac, Apple Watch, and AirPods.
The researchers have mentioned that the phone number does not get leaked in plain sight. It becomes accessible as a partial cryptographic hash which means it is not like the number is out there for everyone to know. But for someone who knows what he is doing and is even a little bit committed to finding out the actual number, it would not be that difficult to decode the hash either.
Apple is yet to comment on the issue which means there is no official fix for the situation yet. But if you are concerned about the privacy of your device's phone number, it is advised that you keep the Bluetooth turned off unless and until you need to use it. This is something which might not be appreciated if you are an AirPods or/and Apple Watch user but there is no other way around for now.