Back in 2011, Apple engineers masterminded an awesome feature called AirDrop. It’s intended to facilitate file transfers among supported devices. The process is amazingly simple and doesn’t require device pairing at all – it works out of the box and only takes a few clicks or taps to complete a file exchange. Since AirDrop uses a combo of Wi-Fi and Bluetooth protocols, the data transfer speeds are huge.
Interestingly, some tricks may allow you to extend the use of this feature beyond simply sending files. For example, you can find out the phone number of another person who is in the same subway car with you. I’ve been recently using this feature to meet new people on my way to work, in public transport, and all kinds of diners. Sometimes I walk out of the subway with a new friend. Intrigued? This article will cover the ins and outs of this unorthodox way of using AirDrop.
How AirDrop works
AirDrop is a service for data transfers within a peer-to-peer network. It can function via a classic local network and over the air between any Apple devices. I’m going to dwell on the latter scenario, where two nearby devices don’t have to be connected to the same network. For instance, two people are riding the subway and their smartphones aren’t connected to the same public Wi-Fi.
To start a data transfer session via AirDrop, the sender’s smartphone broadcasts a BLE (Bluetooth low energy) advertising packet that contains hashed information about the sender’s iCloud account and telephone number. This packet requests a connection via AWDL (Apple Wireless Direct Link), which is reminiscent of Android’s Wi-Fi Direct.
On the receiving side, the status of the AirDrop feature can be one of the following:
- Receiving Off – the device cannot be detected at all.
- Contacts Only – it can only receive files from the user’s contacts. For the record, a contact is a phone number or email tied to the iCloud account.
- Everyone – the device can receive files from any users nearby.
Depending on the privacy preferences, the phone will either accept the AWDL connection or it will simply ignore the BLE advertising packet. If the “Everyone” option is selected, then the devices will get connected via AWDS at the next stage. Then, they will form an IPv6 network connection with each other. AirDrop will be operating within this network as an applied protocol using mDNS (multicast DNS) via standard IP communication.
How to meet new people using AirDrop
You’ve had enough of boring theory, so let’s now move on to practice. Although online dating is very popular, you can grab your smartphone and go hook up with someone offline using modern technology. But first, keep the following nuances in mind:
- The trick only works if the receiving smartphone is unlocked at the moment – ideally, your target should be gazing at their device. This is mostly the case in places where people are bored, such as the subway.
- Take your time – a successful “conversion” usually occurs after you send a couple of pics, therefore you need to stay at the same spot for at least five minutes. I think of a successful “conversion” as a moment when you negotiate over AirDrop to continue chatting in the messenger. This is hard to do on the go because it could be problematic to figure out right away who has accepted your payload, so your target will most likely walk away before you get the chance to settle on further communication.
- Personalized files work better – I’m sure the best payload is some eye-catching media content you’re sending via AirDrop. A vanilla image with a meme in it probably won’t do the trick. The content should be aligned with the situation and imply a clear-cut call to action.
The classic method – nothing but the smartphone
This one is suitable for everyone who owns an iPhone, and it doesn’t require any particular skills except the ability to socialize. Turn on the “Everyone” mode in AirDrop settings and head to the subway. According to my observations, almost all iDevices broadcast the owner’s name, which allows you to easily determine their gender and prep the appropriate payload.
As previously mentioned, a unique payload is more effective. Ideally, the pic should include the owner’s name. The fun part is that this image used to be shown right on the victim’s display without any extra actions on their end. The person didn’t even have to tap “Accept” or anything like that, so you could instantly see the reaction.
I mostly created these images using the graphics editing component built into the Notes app, plus a crude version of the mobile Photoshop tool. As a result, I would often have to walk out of the subway car before the right image was ready. While I was refining my drawing skills, iOS 13 was released. One of the changes introduced in this version is that images received from unfamiliar users are no longer displayed on the screen. Instead of the graphical preview, the person only sees the sender’s name.
In other words, the only way to address the target by name in iOS 13 onward is to specify it in your iPhone settings. For instance, you can rename your device as “Hi Emily!”. Speaking of which, here’s a quick tip: you can include emoji in your gadget’s name. Of course, this technique isn’t nearly as impressive as sending a custom image, but it still increases the odds of the target tapping the “Accept” button.
Further actions are a matter of your creativity and sense of humor. There’s one thing I can say for sure: those who join this game and start replying with images or send you notes are usually very easy-going and interesting people. On the other hand, those who don’t reply or simply reject your message tend to be snobs who think too highly of themselves. Also, the fear factor plays a role in some cases: shy and oversensitive people are afraid to interact with a pushy stranger.
The bottom line
This is the perfect way to have fun in the subway. It’s got a wow effect that lures curious people. I bet some of your new acquaintances won’t mind playing along. Some might even change their plans and exit the subway at your station to have a coffee together. I’ve met a lot of new people in a year’s time and continue to communicate with some of them.
Unfortunately, not all tricks targeting Apple devices are as harmless as this one. Malicious actors are increasingly infecting Mac computers and iPhones with malware these days, and many of these campaigns also have a flavor of social engineering. An example is the ongoing adware distribution stratagem that relies on deceptive pop-up alerts stating that your Adobe Flash Player is out of date. Instead of installing the purported update, though, these ads promote browser hijackers and scareware.
To keep your Apple devices safe, avoid application bundles that may conceal malicious code under the guise of benign software. Be sure to keep your operating system and third-party apps up to date – this will address all recently discovered vulnerabilities and harden the overall security of your macOSand iOS or device. Furthermore, refrain from clicking on links received from strangers as they might lead to malware downloads and phishing sites.
It’s a good idea to audit the privacy settings of your most-used apps. In particular, make sure they don’t have access to sensitive data such as your location unless they really need it to work right. Also, keep your devices locked when not in use and specify strong passwords to prevent unauthorized access.
About the Author:
David Balaban is a computer security researcher with over 17 years of experience in malware analysis and antivirus software evaluation. David runs Privacy-PC.com and MacSecurity.net projectsthat present expert opinions on contemporary information security matters, including social engineering, malware, penetration testing, threat intelligence, online privacy, and white hat hacking. David has a strong malware troubleshooting background, with the recent focus on ransomware countermeasures.