Security Researchers Reverse Engineer Apple’s Find My Network, Launch OpenHaystack Framework for Deploying Your Own ‘AirTags’
Security researchers from the Secure Mobile Networking Lab of TU Darmstadt have announced the release of OpenHaystack, an application that allows you to create your own tags that are tracked by Apple’s Find My network.
OpenHaystack is the result of reverse-engineering and security analysis work of Apple’s Find My network (or offline finding).
We at the Secure Mobile Networking Lab of TU Darmstadt started analyzing offline finding after its initial announcement in June 2019. We identified how Apple devices can be found by iPhones devices, even when they are offline through this work. The whole system is a clever combination of Bluetooth advertisements, public-key cryptography, and a central database of encrypted location reports. We disclosed a specification of the closed parts of offline finding and conducted a comprehensive security and privacy analysis. We found two distinct vulnerabilities. The most severe one, which allowed a malicious application to access location data, has meanwhile been fixed by Apple (CVE-2020-9986).
Using a Mac and a BBC micro:bit or any other Bluetooth-capable device, developers can create their own tags that are tracked by Apple’s Find My network. The OpenHaystack app will locate your micro:bit tag anywhere on earth without cellular coverage. This is possible because nearby iPhones will discover the tag and upload its location to Apple’s servers.
Notably, iOS 14.5 beta 3 has introduced a new Items tab in Find My that will allow users to track third party items and presumably AirTags when they are released.
You can learn more about how to use OpenHaystack and its limitations at the link below.
Source link