12/29/2023 0 Comments Iphone tracker tag"Apple needs to incorporate non-genuine AirTags into their threat model, thus implementing security and anti-stalking features into the Find My protocol and ecosystem instead of in the AirTag itself, which can run modified firmware or not be an AirTag at all," Bräunlein said. ![]() We’re excited to bring this incredible new capability to iPhone users with the introduction of AirTag, leveraging the vast Find My network, to help them keep track of and find the important items in their. ![]() "The ubiquitous nature of the Find My network, combined with its high accuracy and low entry cost, lowers the bar for abuse," SEEMO researchers Alexander Heinrich, Niklas Bittner, and Matthias Hollick said in a new paper, pointing out how "AirGuard found more actual trackers in different scenarios compared to the iOS tracking detection." AirTag can be purchased in one and four packs for just 29 and 99, respectively, and will be available beginning Friday, April 30. Interestingly, AirGuard, which was developed by SEEMO as a third-party alternative to Tracker Detect, is capable of discovering the clone in "manual scan" mode, calling into question the effectiveness of the safety and security barriers implemented by Apple to safeguard users from the malicious use of AirTags. "If an AirTag, set of AirPods, or Find My network accessory is discovered to be unlawfully tracking a person, law enforcement can request any available information from Apple to support their investigation," Apple spells out in an updated support article.īut the " Find You" AirTag clone devised by Positive Security aims to get around "every current and upcoming protection measure." It's also built using OpenHaystack, an open-source framework developed by SEEMO researchers for tracking personal Bluetooth devices via Apple's crowdsourced Find My network.īy broadcasting new, never-seen-before public keys every 30 seconds from a list of 2,000 preloaded public keys through the proof-of-concept (PoC) device, it was found that the mechanism renders the tracking device undetectable, raising no alerts in iOS and Apple's own Tracker Detect Android app even when unwanted AirTags are present. The development also comes as Apple, earlier this month, introduced a raft of new anti-stalking measures to AirTags to prevent their misuse associated with tracking unsuspecting individuals without their consent, inserting a warning notifying users that doing so has criminal repercussions. Then in May 2021, Bräunlein followed it up by sharing details of a communication protocol built on top of Find My that enables arbitrary data to be uploaded from non-internet-connected devices by sending "Find My" Bluetooth broadcasts to nearby Apple devices that can carry out the data upload. In March 2021, the Secure Mobile Networking Lab at the Technical University of Darmstadt, Germany (SEEMO) disclosed design and implementation flaws in the protocol that can lead to a location correlation attack and unauthorized access to users' location histories This is far from the first time weaknesses have been uncovered in Apple's Find My system. Traditional security measures won't cut it in today's world. ![]() Beat AI-Powered Threats with Zero Trust - Webinar for Security Professionals
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |