Snapdrop
Local file sharing in your browser - inspired by Apple's Airdrop.
You have to open https://snapdrop.net url in a Chrome or Firefox browser on any two devices to share files locally between them. Files are not uploaded to the cloud.
Both devices should be on the same local network for this to work.
Instructions and sources:
https://github.com/RobinLinus/snapdrop/blob/master/README.md
📡 @NoGoolag 📡 @Libreware
#snapdrop #share #transfer #filetransfer #airdrop
Local file sharing in your browser - inspired by Apple's Airdrop.
You have to open https://snapdrop.net url in a Chrome or Firefox browser on any two devices to share files locally between them. Files are not uploaded to the cloud.
Both devices should be on the same local network for this to work.
Instructions and sources:
https://github.com/RobinLinus/snapdrop/blob/master/README.md
📡 @NoGoolag 📡 @Libreware
#snapdrop #share #transfer #filetransfer #airdrop
snapdrop.net
Instantly share images, videos, PDFs, and links with people nearby. Peer2Peer and Open Source. No Setup, No Signup.
Forwarded from BlackBox (Security) Archiv
Apple’s AirDrop leaks users’ PII, and there’s not much they can do about it
Apple has known of the flaw since 2019 but has yet to acknowledge or fix it.
AirDrop, the feature that allows Mac and iPhone users to wirelessly transfer files between devices, is leaking user emails and phone numbers, and there's not much anyone can do to stop it other than to turn it off, researchers said.
AirDrop uses Wi-Fi and Bluetooth Low Energy to establish direct connections with nearby devices so they can beam pictures, documents, and other things from one iOS or macOS device to another. One mode allows only contacts to connect, a second allows anyone to connect, and the last allows no connections at all.
A matter of milliseconds
To determine if the device of a would-be sender should connect with other nearby devices, AirDrop broadcasts Bluetooth advertisements that contain a partial cryptographic hash of the sender's phone number and email address. If any of the truncated hashes matches any phone number or email address in the address book of the receiving device or the device is set to receive from everyone, the two devices will engage in a mutual authentication handshake over Wi-Fi. During the handshake, the devices exchange the full SHA-256 hashes of the owners' phone numbers and email addresses.
Hashes, of course, can't be converted back into the cleartext that generated them, but depending on the amount of entropy or randomness in the cleartext, they are often possible to figure out. Hackers do this by performing a "brute-force attack," which throws huge numbers of guesses and waits for the one that generates the sought-after hash. The less the entropy in the cleartext, the easier it is to guess or crack, since there are fewer possible candidates for an attacker to try.
The amount of entropy in a phone number is so minimal that this cracking process is trivial since it takes milliseconds to look up a hash in a precomputed database containing results for all possible phone numbers in the world. While many email addresses have more entropy, they too can be cracked using the billions of email addresses that have appeared in database breaches over the past 20 years.
https://arstechnica.com/gadgets/2021/04/apples-airdrop-leaks-users-pii-and-theres-not-much-they-can-do-about-it
#apple #mac #iphone #airdrop #vulnerability
📡 @nogoolag 📡 @blackbox_archiv
Apple has known of the flaw since 2019 but has yet to acknowledge or fix it.
AirDrop, the feature that allows Mac and iPhone users to wirelessly transfer files between devices, is leaking user emails and phone numbers, and there's not much anyone can do to stop it other than to turn it off, researchers said.
AirDrop uses Wi-Fi and Bluetooth Low Energy to establish direct connections with nearby devices so they can beam pictures, documents, and other things from one iOS or macOS device to another. One mode allows only contacts to connect, a second allows anyone to connect, and the last allows no connections at all.
A matter of milliseconds
To determine if the device of a would-be sender should connect with other nearby devices, AirDrop broadcasts Bluetooth advertisements that contain a partial cryptographic hash of the sender's phone number and email address. If any of the truncated hashes matches any phone number or email address in the address book of the receiving device or the device is set to receive from everyone, the two devices will engage in a mutual authentication handshake over Wi-Fi. During the handshake, the devices exchange the full SHA-256 hashes of the owners' phone numbers and email addresses.
Hashes, of course, can't be converted back into the cleartext that generated them, but depending on the amount of entropy or randomness in the cleartext, they are often possible to figure out. Hackers do this by performing a "brute-force attack," which throws huge numbers of guesses and waits for the one that generates the sought-after hash. The less the entropy in the cleartext, the easier it is to guess or crack, since there are fewer possible candidates for an attacker to try.
The amount of entropy in a phone number is so minimal that this cracking process is trivial since it takes milliseconds to look up a hash in a precomputed database containing results for all possible phone numbers in the world. While many email addresses have more entropy, they too can be cracked using the billions of email addresses that have appeared in database breaches over the past 20 years.
https://arstechnica.com/gadgets/2021/04/apples-airdrop-leaks-users-pii-and-theres-not-much-they-can-do-about-it
#apple #mac #iphone #airdrop #vulnerability
📡 @nogoolag 📡 @blackbox_archiv
Ars Technica
Apple’s AirDrop leaks users’ PII, and there’s not much they can do about it
Apple has known of the flaw since 2019 but has yet to acknowledge or fix it.
#Apple Again Comes to Aid of #China's Communist Party Amid Protests
Those speaking out against the Chinese Communist Party are finding themselves without a key method of sharing information under China's censorious regime, thanks to Apple's decision to limit the ability of iPhone users in China to pass files from device to device, bypassing the CCP's censors and surveillance state.
#AirDrop, the file-sharing feature on iPhones and other Apple devices, has helped protestors in many authoritarian countries evade censorship. That’s because AirDrop relies on direct connections between phones, forming a local network of devices that don’t need the internet to communicate. People can opt into receiving AirDrops from anyone else with an iPhone nearby.
That changed on Nov. 9, when Apple released a new version of its mobile operating system, iOS 16.1.1, to customers worldwide. Rather than listing new features, as it often does, the company simply said, “This update includes bug fixes and security updates and is recommended for all users.”
Hidden in the update was a change that only applies to iPhones sold in mainland China: AirDrop can only be set to receive messages from everyone for 10 minutes, before switching off. There’s no longer a way to keep the “everyone” setting on permanently on Chinese iPhones. The change, first noticed by Chinese readers of 9to5Mac, doesn’t apply anywhere else.
https://townhall.com/tipsheet/spencerbrown/2022/11/28/apple-caves-to-ccp-pressure-limits-file-sharing-capability-on-iphones-in-china-n2616445
https://finance.yahoo.com/news/apple-hobbled-crucial-tool-dissent-185100767.html
Those speaking out against the Chinese Communist Party are finding themselves without a key method of sharing information under China's censorious regime, thanks to Apple's decision to limit the ability of iPhone users in China to pass files from device to device, bypassing the CCP's censors and surveillance state.
#AirDrop, the file-sharing feature on iPhones and other Apple devices, has helped protestors in many authoritarian countries evade censorship. That’s because AirDrop relies on direct connections between phones, forming a local network of devices that don’t need the internet to communicate. People can opt into receiving AirDrops from anyone else with an iPhone nearby.
That changed on Nov. 9, when Apple released a new version of its mobile operating system, iOS 16.1.1, to customers worldwide. Rather than listing new features, as it often does, the company simply said, “This update includes bug fixes and security updates and is recommended for all users.”
Hidden in the update was a change that only applies to iPhones sold in mainland China: AirDrop can only be set to receive messages from everyone for 10 minutes, before switching off. There’s no longer a way to keep the “everyone” setting on permanently on Chinese iPhones. The change, first noticed by Chinese readers of 9to5Mac, doesn’t apply anywhere else.
https://townhall.com/tipsheet/spencerbrown/2022/11/28/apple-caves-to-ccp-pressure-limits-file-sharing-capability-on-iphones-in-china-n2616445
https://finance.yahoo.com/news/apple-hobbled-crucial-tool-dissent-185100767.html
townhall.com
Apple Again Comes to Aid of Chinese Communist Party Amid Protests
Apple hobbled a crucial tool of dissent in China weeks before widespread protests broke out - QUARTZ
AirDrop, the file-sharing feature on iPhones and other Apple devices, has helped protestors in many authoritarian countries evade censorship. That’s because #AirDrop relies on direct connections between phones, forming a local network of devices that don’t need the internet to communicate. People can opt into receiving AirDrops from anyone else with an iPhone nearby.
SOURCE
@NoGoolag
AirDrop, the file-sharing feature on iPhones and other Apple devices, has helped protestors in many authoritarian countries evade censorship. That’s because #AirDrop relies on direct connections between phones, forming a local network of devices that don’t need the internet to communicate. People can opt into receiving AirDrops from anyone else with an iPhone nearby.
SOURCE
@NoGoolag
This media is not supported in your browser
VIEW IN TELEGRAM
🇺🇸 #Apple CEO and Covidian Chinese Party collaborator Tim Cook completely ignores questions on assisting the CCP against Chinese dissidents.
"Do you support the Chinese people's right to protest?" asked Fox News.
Tim Cook: *Silence*
"Do you regret restricting #AirDrop access that protesters used to evade surveillance from the Chinese government?"
Tim Cook: *Silence*
"Do you think it's problematic to do business with the Communist Chinese party when they suppress human rights?"
Tim Cook: *Silence*
So Apple now aligns against freedom of speech AND human rights. What would you expect from a company that has exploited Chinese labor for so long?
"Do you support the Chinese people's right to protest?" asked Fox News.
Tim Cook: *Silence*
"Do you regret restricting #AirDrop access that protesters used to evade surveillance from the Chinese government?"
Tim Cook: *Silence*
"Do you think it's problematic to do business with the Communist Chinese party when they suppress human rights?"
Tim Cook: *Silence*
So Apple now aligns against freedom of speech AND human rights. What would you expect from a company that has exploited Chinese labor for so long?