Why hasn’t apple fixed the air drop problem: harassment and possible data hack via air drop

I was harassed this week in class by a student sending me a harassing photo via AirDrop. I had been trying to get data from my father‘s phone, after he passed away, and had changed it to accept everyone on my iPad. I thought a student was sending me work to hand in and accepted an air drop.


Now I am worried my data could’ve been hacked, my personal information could’ve been found out and I was harassed in addition- it is the worst feeling of being violated. I do not know why Apple has not fixed this problem- it has been going on obviously from questions I read here since 2016 at least. This is not acceptable. This should never have been allowed in the first place. You are putting people at risk. I have turned off airdrop on all of my devices now and I will never have it on again unless I am at home using it with family members who I explicitly trust.

Posted on May 12, 2022 1:41 AM

Reply
Question marked as Top-ranking reply

Posted on May 12, 2022 2:01 AM

You are clearly upset by your experience - but be assured that your data is very, very unlikely to have been compromised. You may have received inappropriate/unwanted material via AirDrop, but your data will not have been accessed.


Setting AirDrop to receive from Anyone will do exactly what it says - in that Anyone can send (and your device will receive) material or links that are transmitted to you. Generally, this setting should only be used temporarily - setting back to a more secure setting as soon as possible.


By contrast, setting AirDrop to receive from Contacts Only will inhibit receipt from all except people that you have configured as Contacts. By extension, setting to Receiving Off will disable all incoming material.


Whilst not excusing any harassment to which you have been victim, all harassment being unacceptable, maintaining appropriate/secure device configuration settings are the responsibility of the User. At the very least, to avoid repetition of your experience, you would be best advised to routinely either set AirDrop to Contacts Only (the more secure setting), or to Receive Off - enabling Everyone only by temporarily and by exception in settings that it is necessary.


I hope this insight and reassurance proves to be helpful.

4 replies
Question marked as Top-ranking reply

May 12, 2022 2:01 AM in response to macellie

You are clearly upset by your experience - but be assured that your data is very, very unlikely to have been compromised. You may have received inappropriate/unwanted material via AirDrop, but your data will not have been accessed.


Setting AirDrop to receive from Anyone will do exactly what it says - in that Anyone can send (and your device will receive) material or links that are transmitted to you. Generally, this setting should only be used temporarily - setting back to a more secure setting as soon as possible.


By contrast, setting AirDrop to receive from Contacts Only will inhibit receipt from all except people that you have configured as Contacts. By extension, setting to Receiving Off will disable all incoming material.


Whilst not excusing any harassment to which you have been victim, all harassment being unacceptable, maintaining appropriate/secure device configuration settings are the responsibility of the User. At the very least, to avoid repetition of your experience, you would be best advised to routinely either set AirDrop to Contacts Only (the more secure setting), or to Receive Off - enabling Everyone only by temporarily and by exception in settings that it is necessary.


I hope this insight and reassurance proves to be helpful.

May 12, 2022 5:04 AM in response to macellie

First, please understand that the Apple Support Communities are a user-to-user technical forum. Other than the site moderators, who ensure that the Terms of Use that govern participation within these Communities are followed, Apple do not themselves participate.


Contributors here are all end-users, just like you - trying to provide factual information, and where needed, guidance to those seeking help.


Unless your device has been jailbroken, be assured that your iPad will not have been directly compromised, or your data accessed, through simply receiving an unsolicited AirDrop. iOS/iPadOS has a sandboxed security architecture; cross-App data access is not possible.


While it is perfectly true that there are security vulnerabilities and exploits that pose a potential threat, the vast majority of those to which you are exposed require you to interact with (or respond to) a prompt to perform an action. Your description of events gives no indication that this has occurred - and as such can be reasonably excluded as a cause of concern for your data security.


I have attempted to outline both the cause of what has occurred - and methods of mitigating risk of recurrence. By your own admission, you did relax the security of AirDrop by enabling the Anyone setting. While failing to restore a more secure setting was a mistake, clearly made at a difficult and stressful time, it was nonetheless a user-error.


Clearly you have had an unpleasant experience that has (and is) causing you distress. I recognise this and make no representation to the contrary. What I have attempted to do is explain the reason that this event has occurred - and what you can do to prevent being a victim again.


As for your student’s behaviour and motives, perhaps your anger could be usefully directed toward modifying their perception of what is, and is not, acceptable in our society.

May 12, 2022 3:29 AM in response to LotusPilot

It is the responsibility of apple to warn people this could happen. You say no data has been accessed but you don’t know that for a fact and there is no way to track the sending of air drops. It is a huge flaw. This is all on apple and as I said it is going on since 2016, it is not acceptable. You need to read some of the other complaints here.


Telling me it is my responsibility is a cop out which tries to let apple off the hook for all of these flaws. You should not allow random access to people’s devices and keep no record of it, that is unsafe. When data is dropped hackers can get data, another flaw. In addition there have been numerous incidences of harassment using airdrop and you have done nothing to remedy it except to blame the victim as here. Without air drop you can’t randomly get into someone’s device as far as I know. People use air drop to harass etc. because they know that there is no way to track it unlike most other interactions.

May 14, 2022 7:55 PM in response to macellie

It is the responsibility of apple to warn people this could happen. You say no data has been accessed but you don’t know that for a fact and there is no way to track the sending of air drops. It is a huge flaw. This is all on apple and as I said it is going on since 2016, it is not acceptable. You need to read some of the other complaints here.


Telling me it is my responsibility is a cop out which tries to let apple off the hook for all of these flaws.


Actually, it is your responsibility - you might want to read the software licensing agreement which covers the Apple software installed including the iOS (operating system):


https://www.apple.com/legal/sla/docs/iOS15_iPadOS15.pdf


As well, being other Apple customers/users, there are no "cop outs" here - we are not employed by Apple and cannot discuss Apple policies on what they should or should not do.


This thread has been closed by the system or the community team. You may vote for any posts you find helpful, or search the Community for additional answers.

Why hasn’t apple fixed the air drop problem: harassment and possible data hack via air drop

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple Account.