In the old days, if a dirty old man wanted to shock and frighten a young woman he might lurk down a forest path, dressed only in a grubby raincoat, and flash his unmentionables at her before making his cowardly escape.
Today, technology has given sexual exhibitionists a new avenue for their perverted desires.
BBC News today reports on the danger of so-called cyber-flashing, where iPhone users are finding pictures of penises popping up on their screens after being sent via AirDrop by anonymous users in their vicinity.
34-year-old Lorraine Crighton-Smith told BBC News that she was travelling on a train in South London, when her phone received a picture.
Ms Crighton-Smith said that she felt “violated” and reported the incident to the police.
You can imagine how unpleasant it must be to receive an indecent image out of the blue on your iPhone, and not knowing who in your close vicinity might have sent it. The issue becomes even more disturbing when you consider that it might be your child or another vulnerable person who is using the receiving iPhone at the time.
The problem boils down to AirDrop, a feature built into the iOS and Mac OS X operating systems to transfer files between Macs, iPhones and iPads.
AirDrop uses Bluetooth to create a short-range Wi-Fi network between devices, but as security researcher Ken Munro explains, with AirDrop enabled, previews of images sent to you are always displayed.
Even if you decline the file transfer, you still get to see the image – albeit a thumbnail. And a thumbnail of a pervert’s private parts can certainly be enough to shock and upset.
As Mark James, security specialist at ESET UK, explains, the way around this problem is to ensure that you have set your AirDrop settings to “Contacts only” (which will only permit AirDrop file transfers from people in your address book) or disable AirDrop entirely:
“AirDrop is not turned on by default, but it’s easy to set AirDrop to receive from Everyone, and then forget all about it,” said Mark James, security specialist at ESET UK. “The real blame here lies with those who are sending the dirty pics. To block receiving files from complete strangers, iPhone users would be wise to change their AirDrop settings to receive from no one or just those people listed in the contacts list.”
If, however, your iPhone or Mac is set to allow AirDrop requests from “Everyone” then you might find that you’re the next one to get cyber-flashed.
Let’s hope that cyber-flashing doesn’t become more common, but if it does maybe pressure could be put on Apple to warn users of the dangers of accepting files from strangers via AirDrop, and perhaps not offer auto-preview of pictures until a user has confirmed that they are okay with the thought of viewing them.
by Graham Cluley, ESET We Live Security