←back to thread

Cross-Platform P2P Wi-Fi: How the EU Killed AWDL

(www.ditto.com)
223 points stusmall | 8 comments | 28 Mar 25 13:13 UTC | HN request time: 1.229s | source | bottom
Show context
mschuster91 ◴[28 Mar 25 14:07 UTC] No.43505607[source]
The interesting question is authentication/authorization - at the moment, macOS greatly simplifies this as long as both devices belong to the same Apple ID. On the opposite side, Samsung does the same.

How will that work out?

replies(3): >>43505810 #>>43506001 #>>43506685 #
1. bigfish24 ◴[28 Mar 25 14:23 UTC] No.43505810[source]
For something like AirDrop this will need to be sorted out, but already work occurred to reverse engineer this: https://github.com/seemoo-lab/opendrop

Would be cool if an open standard on auth forms on top of this.

replies(2): >>43506428 #>>43506708 #
2. fire_lake ◴[28 Mar 25 15:09 UTC] No.43506428[source]
For this to succeed I think we need a C implementation that can be used by many languages and runtimes.
replies(2): >>43506720 #>>43510239 #
3. lxgr ◴[28 Mar 25 15:32 UTC] No.43506708[source]
How would an open implementation be compatible with this, given that Apple's implementation is based on an Apple-operated PKI?

Note that this is only a conversation about sender identification, which allows sending to a "non-world-visible" receiving device and confirmation-less sending to devices with the same iCloud account on them. Anonymous sending isn't cryptographically gated by Apple, to my knowledge.

replies(1): >>43510252 #
4. lxgr ◴[28 Mar 25 15:33 UTC] No.43506720[source]
Not in C, please, since this is something that by definition will handle at least some unauthenticated low-level protocol traffic.
replies(1): >>43511164 #
5. ryao ◴[28 Mar 25 21:56 UTC] No.43510239[source]
The AWDL part is in C:

https://github.com/seemoo-lab/owl

6. ryao ◴[28 Mar 25 21:58 UTC] No.43510252[source]
Their documentation suggests that is only needed by contacts only mode and they wrote some code to get the needed certificates from macOS:

https://github.com/seemoo-lab/airdrop-keychain-extractor

replies(1): >>43510582 #
7. lxgr ◴[28 Mar 25 22:34 UTC] No.43510582{3}[source]
That still requires you to have (access to) a Mac and an iCloud account.

It might be possible to reimplement the required Apple API, but as demonstrated by the iMessage/Beeper saga, they usually shut such things down pretty quickly.

8. apitman ◴[28 Mar 25 23:51 UTC] No.43511164{3}[source]
I'm impressed you managed to not use the R-word