Apple's Find My network can be used to steal data — here's how
Apple'due south Find My network can exist used to steal data — here's how
Y'all can use Apple's Find My network to steal information from devices that aren't continued to the internet, a German language researcher says.
Positive Security's Fabian Bräunlein constitute he could take data out of a device that had only a Bluetooth connexion — substantially a homemade AirTag — and use iPhones and Macs to get the data all the way upwardly into Apple's iCloud servers. From in that location, Braunlein could admission the data from his ain Mac.
- The all-time keyfinders right now
- Apple tree AirTag's anti-stalking features take a serious loophole
- Plus: Android 12 leak just revealed a complete makeover for Google's OS
The whole process works very slowly. Bräunlein was getting a transmission rate of virtually 3 bytes per 2nd, and each chunk of data is a maximum of 16 bytes. But over time, you could get a respectable amount of text transmitted. He's calling his organization "Transport My."
The data theft works because each Bluetooth device on the Detect My network sends out a public encryption central to all nearby receiving Apple devices. Those devices marker their own locations, parcel it with the Bluetooth device's public encryption primal, and send the resulting "location written report" up to Apple'due south deject.
Bräunlein found a mode to embed letters in the encryption keys in the location reports and hence communicate very short hugger-mugger letters from his homemade AirTag through Apple's Detect My network to his Mac.
Spying, tracking and messaging
The implications of Bräunlein's inquiry aren't purely theoretical. Millions of computers worldwide are disconnected from the internet for safe reasons considering the computers hold highly sensitive data or run critically important processes, such every bit coordinating the movements of trains or running power plants.
"Such a technique could be employed past pocket-size sensors in uncontrolled environments to avoid the cost and power-consumption of mobile internet," Bräunlein wrote in a blog post, echoing what Amazon is already doing with its Sidewalk low-free energy mesh network. "It could also be interesting for exfiltrating data from Faraday-shielded sites that are occasionally visited by iPhone users."
If some of those computers could be fabricated to communicate via Bluetooth with iPhones that come near, then data might exist snuck out of — or snuck into — those machines.
Bräunlein didn't mention it, merely it'due south already articulate that AirTags tin can be used to secretly track people for up to three days before the AirTags will emit a chirp to reveal themselves. A bootleg AirTag might be able to track someone indefinitely without revealing its existence.
How a homemade AirTag got onto Find My network
Apple tree'south Observe My network is a behemothic mesh network fabricated upwards of hundreds of millions of iPhones worldwide. Each iPhone listens for Bluetooth connections from other devices on the network, and if a Bluetooth-only device is sending out a broadcast message, nearby iPhones volition pick upwardly the message and apply their cellular or Wi-Fi connections to relay the message to Apple tree's cloud servers.
This system was originally meant to locate lost iPhones, iPads and MacBooks, but information technology'south since been expanded to include other devices such as Belkin earbuds and VanMoof electric bikes.
Earlier this year, a bunch of German researchers (not including Bräunlein) figured out how to get other Bluetooth devices — ones non canonical past Apple — onto the Notice My network.
Basically, they created their own AirTags before AirTags were announced. (The same researchers too demonstrated privacy flaws in AirDrop, which uses many of the same network protocols as Find My, and take created an Android app chosen AirGuard, which has been recommended by women concerned about AirTag-based stalking.)
They created a tool called OpenHaystack that piggybacks on the Find My network. 1 part is firmware that is loaded onto a tiny unmarried-board computer such as a Raspberry Pi or something similar, which becomes the homemade AirTag. The other function is a Mac desktop awarding and a Postal service plugin that'south necessary for the whole thing to work.
Bräunlein modified the OpenHaystack board firmware onto an ESP2 tiny single-board figurer — his bootleg AirTag — and the respective software onto his Mac. Using those tools, Bräunlein was able to not only track the ESP2 using the Observe My network, merely also use the Discover My encryption protocol and location reports to transmit messages.
Can Apple tree stop this?
Oddly enough, Apple may not be able to stop this kind of use, or corruption, of its Find My network. That'south because Find My messages are encrypted terminate-to-end, and Apple tree can neither come across what's in those messages or what kind of devices are sending them.
"Apple does non know which public keys belong to your AirTag, and therefore which location reports were intended for you," Bräunlein wrote in his blog mail. "Information technology would be difficult for Apple to defend against this kind of misuse in case they wanted to."
Tom'southward Guide has reached out to Apple for comment, and nosotros will update this story when nosotros get a response.
- More: iPhone 13 release date, specs, price and leaks
Source: https://www.tomsguide.com/news/apples-find-my-network-can-be-used-to-steal-data-heres-how
Posted by: mendozaoret1966.blogspot.com
0 Response to "Apple's Find My network can be used to steal data — here's how"
Post a Comment