News, tips, advice, support for Windows, Office, PCs & more. Tech help. No bull. We're community supported by donations from our Plus Members, and proud of it
Home icon Home icon Home icon Email icon RSS icon
  • The Clever Cryptography Behind Apple's 'FIND MY' Feature

    Posted on Alex5723 Comment on the AskWoody Lounge

    Home Forums AskWoody support Non-Windows operating systems iOS The Clever Cryptography Behind Apple's 'FIND MY' Feature

    This topic contains 7 replies, has 4 voices, and was last updated by  Paul T 4 months, 1 week ago.

    • Author
      Posts
    • #1796882 Reply

      Alex5723
      AskWoody Plus

      https://www.wired.com/story/apple-find-my-cryptography-bluetooth/

      In upcoming versions of iOS and macOS, the new Find My feature will broadcast Bluetooth signals from Apple devices even when they’re offline, allowing nearby Apple devices to relay their location to the cloud. That should help you locate your stolen laptop even when it’s sleeping in a thief’s bag…

      “Now what’s amazing is that this whole interaction is end-to-end encrypted and anonymous,” Federighi said at the WWDC keynote. “It uses just tiny bits of data that piggyback on existing network traffic so there’s no need to worry about your battery life, your data usage, or your privacy.”..

      2 users thanked author for this post.
    • #1797231 Reply

      mn–
      AskWoody Lounger

      So. Anyone can determine whether a given storage locker, backpack, handbag, parked car, etc contains an Apple device, or whether there’s any such device nearby.

      • #1799187 Reply

        willygirl
        AskWoody Plus

        So. Anyone can determine whether a given storage locker, backpack, handbag, parked car, etc contains an Apple device, or whether there’s any such device nearby.

        Sounds to me like it should avoid picking up just any iDevice –
        More on privacy/location and the ability to remain anonymous …

        https://www.wired.com/story/apple-find-my-cryptography-bluetooth/
        “And it turns out that Apple’s elaborate encryption scheme is also designed not only to prevent interlopers from identifying or tracking an iDevice from its Bluetooth signal, but also to keep Apple itself from learning device locations, even as it allows you to pinpoint yours.”

        Win7 SP1 Home 64-bit, GrpA

        1 user thanked author for this post.
      • #1799389 Reply

        Alex5723
        AskWoody Plus

        So. Anyone can determine whether a given storage locker, backpack, handbag, parked car, etc contains an Apple device, or whether there’s any such device nearby.

        What gave you that idea ?
        The owner (as well as Apple) searching for his lost/stolen iDevice doesn’t know/get any information regarding the iDevice that’s sending the location data of his lost iDevice to iCloud. The data sent and the data received are both encrypted.

        This and the new privacy log-in with AppleID are tremendous features that no one else has.

        • This reply was modified 4 months, 1 week ago by  Alex5723.
        • This reply was modified 4 months, 1 week ago by  PKCano.
        2 users thanked author for this post.
        • #1801789 Reply

          mn–
          AskWoody Lounger

          What gave you that idea ?

          This:

          the new Find My feature will broadcast Bluetooth signals from Apple devices even when they’re offline,

          So. They’re broadcasting. Even if the device isn’t individually identifiable, being a source of signals that have Apple encryption is sufficient to determine that there is a device present.

          Hiding in ambient RF noise only helps as long as the receiver is a point target. Array antennas are getting common and those aren’t a single point so…

          This is really the kind of thing that Apple should pay everyone else to use too, just to make it *not* automatically mean there’s an Apple device present if such a signal is detected.

    • #1803354 Reply

      Alex5723
      AskWoody Plus

      They’re broadcasting. Even if the device isn’t individually identifiable, being a source of signals that have Apple encryption is sufficient to determine that there is a device present.

      When I walk the streets I can detect smartphones’ BT, CarPlay/Android Auto BT, Smartwatchs’ BT, Beacons, Dogs BT Fobs, BT key Fobs, BT headphones…Apple’s devices are no different in this regard and the devices does not manifest themselves as being Apple devices.

      • #1805675 Reply

        mn–
        AskWoody Lounger

        They’re broadcasting. Even if the device isn’t individually identifiable, being a source of signals that have Apple encryption is sufficient to determine that there is a device present.

        When I walk the streets I can detect smartphones’ BT, CarPlay/Android Auto BT, Smartwatchs’ BT, Beacons, Dogs BT Fobs, BT key Fobs, BT headphones…Apple’s devices are no different in this regard and the devices does not manifest themselves as being Apple devices.

        Exactly – current devices don’t, as they don’t have this feature yet. Besides it likely uses a non-default signaling mode that isn’t by default exposed by a random listener.

        But given the thing from the Wired article:

        your laptop will emit its rotating public key via Bluetooth. A nearby stranger’s iPhone, with no interaction from its owner, will pick up the signal, check its own location, and encrypt that location data using the public key it picked up from the laptop.

        That means that there *has* to be a signal that can be identified as belonging to a device with this feature.

        Do note that this also depends on the stranger’s device keeping the location encrypted. It essentially goes, “Apple device with secret hash xxxxxxxxxxx detected near my current location” … you’d need to trust the stranger’s device to keep the location sufficiently secure.

        So yeah. Without that trust, privacy is dependent on there ALWAYS being a sufficient mass of such devices that the mere presence of one doesn’t stand out… and that in turn is very much of a challenge against any kind of a selective antenna, even a simple directional portable one…

        Also sort of bad that they keep emitting while “offline”.

    • #1807322 Reply

      Paul T
      AskWoody MVP

      Also sort of bad that they keep emitting while “offline”.

      What will the airlines make of an always on device during take off / landing?

      cheers, Paul

    Please follow the -Lounge Rules- no personal attacks, no swearing, and politics/religion are relegated to the Rants forum.

    Reply To: The Clever Cryptography Behind Apple's 'FIND MY' Feature

    You can use BBCodes to format your content.
    Your account can't use Advanced BBCodes, they will be stripped before saving.