• The Clever Cryptography Behind Apple's 'FIND MY' Feature

    Home » Forums » AskWoody support » Apple » iOS » The Clever Cryptography Behind Apple's 'FIND MY' Feature

    Author
    Topic
    #1796882

    https://www.wired.com/story/apple-find-my-cryptography-bluetooth/

    In upcoming versions of iOS and macOS, the new Find My feature will broadcast Bluetooth signals from Apple devices even when they’re offline, allowing nearby Apple devices to relay their location to the cloud. That should help you locate your stolen laptop even when it’s sleeping in a thief’s bag…

    “Now what’s amazing is that this whole interaction is end-to-end encrypted and anonymous,” Federighi said at the WWDC keynote. “It uses just tiny bits of data that piggyback on existing network traffic so there’s no need to worry about your battery life, your data usage, or your privacy.”..

    2 users thanked author for this post.
    Viewing 2 reply threads
    Author
    Replies
    • #1797231

      So. Anyone can determine whether a given storage locker, backpack, handbag, parked car, etc contains an Apple device, or whether there’s any such device nearby.

      • #1799187

        So. Anyone can determine whether a given storage locker, backpack, handbag, parked car, etc contains an Apple device, or whether there’s any such device nearby.

        Sounds to me like it should avoid picking up just any iDevice –
        More on privacy/location and the ability to remain anonymous …

        https://www.wired.com/story/apple-find-my-cryptography-bluetooth/
        “And it turns out that Apple’s elaborate encryption scheme is also designed not only to prevent interlopers from identifying or tracking an iDevice from its Bluetooth signal, but also to keep Apple itself from learning device locations, even as it allows you to pinpoint yours.”

        MacOS, iOS, iPadOS, and SOS at times.

        1 user thanked author for this post.
      • #1799389

        So. Anyone can determine whether a given storage locker, backpack, handbag, parked car, etc contains an Apple device, or whether there’s any such device nearby.

        What gave you that idea ?
        The owner (as well as Apple) searching for his lost/stolen iDevice doesn’t know/get any information regarding the iDevice that’s sending the location data of his lost iDevice to iCloud. The data sent and the data received are both encrypted.

        This and the new privacy log-in with AppleID are tremendous features that no one else has.

        • This reply was modified 4 years, 5 months ago by Alex5723.
        • This reply was modified 4 years, 5 months ago by PKCano.
        2 users thanked author for this post.
        • #1801789

          What gave you that idea ?

          This:

          the new Find My feature will broadcast Bluetooth signals from Apple devices even when they’re offline,

          So. They’re broadcasting. Even if the device isn’t individually identifiable, being a source of signals that have Apple encryption is sufficient to determine that there is a device present.

          Hiding in ambient RF noise only helps as long as the receiver is a point target. Array antennas are getting common and those aren’t a single point so…

          This is really the kind of thing that Apple should pay everyone else to use too, just to make it *not* automatically mean there’s an Apple device present if such a signal is detected.

    • #1803354

      They’re broadcasting. Even if the device isn’t individually identifiable, being a source of signals that have Apple encryption is sufficient to determine that there is a device present.

      When I walk the streets I can detect smartphones’ BT, CarPlay/Android Auto BT, Smartwatchs’ BT, Beacons, Dogs BT Fobs, BT key Fobs, BT headphones…Apple’s devices are no different in this regard and the devices does not manifest themselves as being Apple devices.

      • #1805675

        They’re broadcasting. Even if the device isn’t individually identifiable, being a source of signals that have Apple encryption is sufficient to determine that there is a device present.

        When I walk the streets I can detect smartphones’ BT, CarPlay/Android Auto BT, Smartwatchs’ BT, Beacons, Dogs BT Fobs, BT key Fobs, BT headphones…Apple’s devices are no different in this regard and the devices does not manifest themselves as being Apple devices.

        Exactly – current devices don’t, as they don’t have this feature yet. Besides it likely uses a non-default signaling mode that isn’t by default exposed by a random listener.

        But given the thing from the Wired article:

        your laptop will emit its rotating public key via Bluetooth. A nearby stranger’s iPhone, with no interaction from its owner, will pick up the signal, check its own location, and encrypt that location data using the public key it picked up from the laptop.

        That means that there *has* to be a signal that can be identified as belonging to a device with this feature.

        Do note that this also depends on the stranger’s device keeping the location encrypted. It essentially goes, “Apple device with secret hash xxxxxxxxxxx detected near my current location” … you’d need to trust the stranger’s device to keep the location sufficiently secure.

        So yeah. Without that trust, privacy is dependent on there ALWAYS being a sufficient mass of such devices that the mere presence of one doesn’t stand out… and that in turn is very much of a challenge against any kind of a selective antenna, even a simple directional portable one…

        Also sort of bad that they keep emitting while “offline”.

    • #1807322

      Also sort of bad that they keep emitting while “offline”.

      What will the airlines make of an always on device during take off / landing?

      cheers, Paul

    Viewing 2 reply threads
    Reply To: The Clever Cryptography Behind Apple's 'FIND MY' Feature

    You can use BBCodes to format your content.
    Your account can't use all available BBCodes, they will be stripped before saving.

    Your information: