by yazaddaruvala 1900 days ago
Does it matter if they now know where my bike is parked, given that they already know where my phone is (i.e. I am) at all times?

Meanwhile, I agree with you. It would be nice if Apple (or anyone) didn’t have this type of location information about me. However, it seems that ship has sailed and 5G + mesh networks will make it even more precise.


They don't have that information about you. From the bottom of that page:

"The Find My network extends these capabilities by locating missing devices even if they can’t or don’t connect to the internet. The Find My network is a crowdsourced network of hundreds of millions of Apple devices that use Bluetooth wireless technology to detect missing devices or items nearby, and report their approximate location back to the owner. The entire process is end-to-end encrypted and anonymous, so no one else, not even Apple or the third-party manufacturer, can view a device’s location or information."

End to end encryption only stops Apple from seeing the location while it's moving "End to end". On each end, the Find My app itself or other device features almost certainly leak this information to Apple, or it can be gotten through trivial effort if Apple wanted it.

Do you have any supporting evidence for these claims?

Well, for example, it is well documented that although their messages in cloud feature is "end to end encrypted", as soon as you enable iCloud phone backups, Apple has access to all your messages. A similar issue likely arises with this.

Are you asking me if "End to End encryption" protects the data while at rest on each end?

If yes, please do your research on what that term means.

No no! I'm very aware of what E2E means, etc., I'm asking if you have supporting evidence for this statement:

> the Find My app itself or other device features almost certainly leak this information to Apple

I asked if there was any evidence pointing to this leakage, I'd like to know if it's happened before and I'm unaware of it.

I can't seem to find traces of the original statements that went into much greater detail, but there is one case that sticks out, that of an Australian teen who accessed an internal system at Apple through unauthorized means and was on a Mac while doing so: https://www.theage.com.au/national/victoria/melbourne-teen-h...

The statements I recall strongly indicated that Apple was aware of many machine identifiers which would have been impossible to log otherwise, such as the serial number of the system itself and other such revealing information.

If that is not convincing enough, there are plenty of tales of proprietary, unexposed APIs within the Apple stack itself that "ping home" with sensitive device information, the most recent example being one where any executable on a Mac was deliberately blocked (a bug) until validated on Apple's end.

If you are looking for a smoking gun, I'm afraid I cannot provide that, and I apologize if that's what you took away from my comment.

On the other hand, as someone who understands software and the systems here, you may draw your own conclusions, given the two examples above, on how hard it would be for someone at Apple, with a bit of motivation and access, to do precisely this, i.e., derive the information (inferred or direct) about device location through the Find My app or other deeper layers of the stack where it's stored, or use the Find My network to find devices such as MacBooks that they suspect were involved in activity their security teams dislike.

Apple controls the app, the network, and the devices that gather the location information.

It seems like in order to show me where my missing item is, they have to be able to determine my device’s information. They might claim to choose not to do that correlation until I open the app and go looking, but once I do, it seems obvious that Apple can tell where my device is (in order that they can tell me where it is in their Find My app).

The "device information" is likely an opaque ID, and the "location" will likely be encrypted using an asymmetric key-pair set up during the pairing process, so the only thing capable of decrypting the location will be your phone.

The part you're correct about is that as they control the device, there's nothing saying they can't build a backdoor into it that reports the information (i.e. location) back to them once it hits your phone. And we're also taking it on trust that it works the way they say it works, as it's not open-source.

But as someone else commented, eventually you have to trust something.

The realistic threat likely isn’t a designed backdoor, but some late-stage bug (especially if server-side) that caused part of the E2E encryption or privacy story to get punted. Who would really block ship on that, esp. with hardware impact?

The way it works is that the location is encrypted with a key that is only on your device, same as iMessage. So they can't directly decrypt that info.

It's possible in theory they could add hooks into the OS to then do that next time you use the key (e.g. effectively a baked in backdoor) or maybe in some cases the key can be extracted from an iCloud backup or similar (I'm not 100% sure how those keys are stored, but it's likely detailed in their security documentation) but in general the service itself cannot see the encrypted device location.

This is of course true but at some point you have to pick your battles. There is no FOSS product which does this and there probably never will be. And it’s not in Apple’s business model to try to collect this data.

I don’t think that’s what the parent comment is referring to (Apple knowing, and they might not have that capability anyway).

Find My-tracked devices emit a Bluetooth chirp. If any Internet-enabled iOS device hears it, it forwards it to the iCloud/Apple backend.

I can lose a WiFi-only iPad, and it can be fully off any WiFi connection, and still get a ping on its location if its Bluetooth chirps get relayed by a stranger’s iPhone.

This exists now, for i.e. the offline iPad example. This larger launch extends the Find My network to a new class of Internet-less, long battery life tag devices.
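
A stdlib-only model of the flow these comments describe (a chirped public key, a finder that encrypts its position to it, a relay that stores only an opaque ID and ciphertext), added here as an illustration and not Apple's protocol or code. The toy Diffie-Hellman group, the hash-based stream cipher and every function name are assumptions made for the example.

```python
import hashlib, hmac, json, secrets

# Toy Diffie-Hellman group (assumption): stdlib-only stand-in, NOT production crypto.
P = 2**521 - 1  # a Mersenne prime
G = 3

def keypair():
    priv = secrets.randbelow(P - 3) + 2
    return priv, pow(G, priv, P)

def _key(shared, label):
    return hashlib.sha256(label + shared.to_bytes(66, "big")).digest()

def _xor(key, data):
    # SHA-256 in counter mode as a keystream; XOR is its own inverse.
    stream = b"".join(hashlib.sha256(key + i.to_bytes(4, "big")).digest()
                      for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, stream))

def lookup_id(pub):
    # Opaque identifier the relay indexes reports by.
    return hashlib.sha256(pub.to_bytes(66, "big")).hexdigest()

def finder_report(chirped_pub, location):
    # A stranger's phone hears the chirp and encrypts its own position to that key.
    eph_priv, eph_pub = keypair()
    shared = pow(chirped_pub, eph_priv, P)
    ct = _xor(_key(shared, b"enc"), json.dumps(location).encode())
    mac = hmac.new(_key(shared, b"mac"), ct, hashlib.sha256).digest()
    return {"id": lookup_id(chirped_pub), "eph": eph_pub, "ct": ct, "mac": mac}

def owner_decrypt(priv, report):
    shared = pow(report["eph"], priv, P)
    want = hmac.new(_key(shared, b"mac"), report["ct"], hashlib.sha256).digest()
    if not hmac.compare_digest(want, report["mac"]):
        return None  # wrong key or tampered report
    return json.loads(_xor(_key(shared, b"enc"), report["ct"]))

def demo():
    owner_priv, lost_pub = keypair()           # private half never leaves the owner
    relay = {}                                 # everything the backend stores
    rep = finder_report(lost_pub, {"lat": 37.33, "lon": -122.01})  # constructed fix
    relay.setdefault(rep["id"], []).append(rep)
    fetched = relay[lookup_id(lost_pub)][0]
    other_priv, _ = keypair()                  # any party without the owner's key
    return owner_decrypt(owner_priv, fetched), owner_decrypt(other_priv, fetched)

if __name__ == "__main__":
    print(demo())
```

`demo()` returns the decrypted location for the owner's key and `None` for any other key. The model covers only what the relay can read from stored reports; it says nothing about the concern raised upthread, software on the endpoint reporting the plaintext after decryption.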

I’m hopeful that UWB means that this can be shifted off Bluetooth/Wi-Fi/cellular for security and privacy reasons eventually. Then you could have those other wireless networking technologies toggleable independent of the Find My functionality.