Google Project Zero: AWDL-based Zero-Click Exploit We’ll post updates once the paper is published. The resulting paper Disrupting Continuity of Apple’s Wireless Ecosystem Security: New Tracking, DoS, and MitM Attacks on iOS and macOS Through Bluetooth Low Energy, AWDL, and Wi-Fi just got accepted at USENIX Security ’21.
We reverse-engineered and analyzed more parts of Apple’s wireless ecosystem ( Continuity). Our Apple Continuity paper got accepted at USENIX Security ’21 Our open source Python implementation OpenWifiPass is now available at GitHub. OpenWifiPass: An Open Implementation of Apple's Wi-Fi Password SharingĪs part of our USENIX Security ’21 paper Disrupting Continuity of Apple’s Wireless Ecosystem Security: New Tracking, DoS, and MitM Attacks on iOS and macOS Through Bluetooth Low Energy, AWDL, and Wi-Fi, we reverse engineered Apple’s Wi-Fi Password Sharing. However, many components remained undisclosed – until now. Meanwhile, Apple released a partial specification of its system.
#Wifi direct demo sample app full version
Read the full version on the project website.Īlmost two years ago, Apple announced its new crowd-sourced Bluetooth location tracking system for offline devices. In particular, we showed that it is possible to learn the phone numbers and email addresses of AirDrop users – even as a complete stranger. We discovered two severe privacy leaks in this authentication mechanism. To determine whether the other party is a contact, AirDrop uses a mutual authentication mechanism that compares a user’s phone number and email address with entries in the other user’s address book. As people typically want to share sensitive data exclusively with people they know, AirDrop only shows receiver devices from address book contacts by default. PrivateDrop: Breaking and Fixing Apple AirDropĪpple AirDrop allows users to send photos and other media over a direct Wi-Fi connection from one Apple device to another. We thank everyone attending the demo session for the fruitful discussion! Our OpenHaystack project just won the ACM WiSec ‘21 Best Demo Award. OpenHaystack wins WiSec '21 Best Demo Award If you have questions or would like to collaborate, feel free to contact us.
#Wifi direct demo sample app code
You can read our publications and use our open source code projects. We started by investigating the Apple Wireless Direct Link (AWDL) protocol and will go beyond. Our goal is to assess security and privacy as well as enable cross-platform compatibility for next-generation wireless applications. We are researchers from the Secure Mobile Networking Lab at TU Darmstadt looking into Apple’s wireless ecosystem.
Welcome to the Open Wireless Link (OWL) project.