AirDrop is the one route on the whole side-door map that no content filter can touch, because there is no content delivery to filter: one phone hands an image straight to another phone in the same room, no website, no DNS lookup, no network request for anything to inspect. That is exactly why unsolicited explicit pictures over AirDrop are a genuine problem in schools and on public transit, the sender needs nothing but proximity. The fix is therefore not filtering but access control: decide who is allowed to send to the device at all. TKO’T handles the screen and the network, free; AirDrop is closed at the receiving setting, and the two together leave no gap. Defense-only, naming the route only to shut it.
Why no filter is in the path
Every other door on the side-door map involves content arriving from somewhere, a domain, an app, a file host, which gives a DNS or screen layer something to act on. AirDrop and peer-to-peer sharing skip all of that: the image travels directly device-to-device over a local radio link, never touching the internet, so there is no lookup to block and no source to judge. A screen layer would only react after the image is already received and opened, which is too late for the unsolicited case. So this door is closed by controlling who can hand the device a file, not by inspecting the file.
Set the receiving control
The whole defense is the AirDrop receiving setting, and the moves are simple:
Contacts-only or off. Set AirDrop to Contacts Only so only known contacts can send, or Receiving Off entirely, which is the right setting for a kid at school where the threat is strangers in range. Apple’s content and privacy restrictions can lock this so it cannot be flipped back to Everyone.
Lock it behind a held passcode. On a child’s device, set the restriction and hold the Screen Time passcode yourself, so AirDrop cannot be reopened to Everyone in the moment. This is the same held-credential pattern as the rest of the family setup, applied to a radio feature instead of a filter.
Clear what already arrived. Anything already AirDropped and saved lives in the photo library past every filter, so clearing saved media is part of the cleanup, the same saved-media note that applies to any downloaded content.
Where it fits
For the school problem, contacts-only or off solves the actual threat, unsolicited pictures from strangers nearby, completely, because a stranger is not in the contacts and cannot send. For a person managing their own use, AirDrop is a minor route compared to the browser, but worth closing for completeness once the big doors are shut, and the install lock on the device prevents adding third-party peer-to-peer sharing apps that would reopen the same gap under a different name. The honest framing: this is access control, not filtering, and access control is actually the stronger guarantee here, a stranger who cannot send cannot send, full stop, no detection accuracy involved.
Frequently asked questions
How do I completely disable AirDrop so my kid doesn’t get inappropriate pictures at school?
Set AirDrop to Receiving Off, or Contacts Only so only known contacts can send, then lock that setting behind a Screen Time passcode you hold so it cannot be flipped back to Everyone. That fully solves the school threat, because a stranger in range is not a contact and cannot send. Clear any already-saved media, and keep the device’s other layers, screen and DNS, running for everything else.
Why can’t a porn filter block explicit AirDrops?
Because AirDrop sends images directly phone-to-phone over a local radio link with no website, DNS lookup, or network request, so there is nothing in the path for a filter to inspect. This is the one route where content filtering has no traction. The answer is access control instead, controlling who is allowed to send to the device, by setting AirDrop to contacts-only or off.
Should I set AirDrop to contacts-only or turn it off entirely?
For a child at school, Receiving Off is the safest setting since the threat is strangers in range; Contacts Only is a reasonable middle ground that still allows known people to share. For an adult, contacts-only is usually enough. Either way, lock the setting behind a held passcode so it cannot be returned to Everyone in a weak or careless moment.
Does a screen blocker like TKO’T catch an explicit AirDrop?
A screen layer can only react after the image is received and displayed, which is too late for an unsolicited send, so AirDrop is closed at the receiving setting instead, not by the screen layer. TKO’T covers the screen and the network for everything that arrives over the internet; the AirDrop receiving control closes the direct phone-to-phone route the filter cannot see.
Can someone get around the AirDrop block with another sharing app?
They could try a third-party peer-to-peer app, which is why locking app installs behind a held passcode matters, it stops a replacement sharing app from being added. With AirDrop set to contacts-only or off and installs locked, the direct-sharing route is closed both at the built-in feature and at the door for alternatives. For the receiving threat specifically, access control is a clean guarantee.