by jws 1883 days ago
Nearly zero knowledge of the AirTags protocol, but something like this would allow tracking a stalking tag without giving a trackable identifier.

• An AirTag which is seeing an owning device might only be reporting its presence to that device. We can ignore those. (I'm guessing AirTags listen in some limited way; this still works if they don't, it just is always in the separated state.)

• An AirTag which is separated from its owning device will be broadcasting a public key in an "I'm separated" message.

This public key is rotated periodically, but is used for a while. When my phone sees an "I'm separated" message it will send a hash of the public key and a location (encrypted with that key) to Apple central.

If I'm in motion, and continue to see the same public key crying out that it is separated, then it is traveling with me.

Of course everything is way more complicated…

• It probably doesn't just switch to a new public key and stop using the old one, that would let you correlate them, so there is probably some period of overlap to complicate that.

• How to decide when to tell the user about the tag is a complicated problem. If I'm on a train traveling with a tag I don't recognize, I probably don't care. If I change train cars (I'm still in motion, but 98% of the tags around me changed) I might care. If I am walking after getting off the train and most of the other tags are gone, except this one, I might care. If it's still with me when I get home, I care.
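
The "same key keeps showing up while I'm moving" test from the post above, sketched as an added example that is not part of the original comment and not Apple's implementation. The sighting format, the thresholds and the sample data are all assumptions made for illustration.

```python
import hashlib
import math
from collections import defaultdict

def key_id(pubkey: bytes) -> str:
    """Track advertised keys by hash, as the post suggests, not by raw key."""
    return hashlib.sha256(pubkey).hexdigest()[:16]

def haversine_m(a, b):
    """Great-circle distance in metres between two (lat, lon) pairs."""
    lat1, lon1, lat2, lon2 = map(math.radians, (*a, *b))
    h = (math.sin((lat2 - lat1) / 2) ** 2
         + math.cos(lat1) * math.cos(lat2) * math.sin((lon2 - lon1) / 2) ** 2)
    return 2 * 6371000 * math.asin(math.sqrt(h))

def traveling_with_me(sightings, min_duration_s=600, min_distance_m=500, max_gap_s=300):
    """sightings: (unix_ts, my_position, pubkey) per "I'm separated" broadcast heard.
    Returns {key_id: (duration_s, metres_moved)} for keys heard continuously
    while this phone itself moved. Thresholds are illustrative assumptions."""
    tracks = defaultdict(list)
    for ts, pos, pubkey in sorted(sightings, key=lambda s: s[0]):
        tracks[key_id(pubkey)].append((ts, pos))
    flagged = {}
    for kid, pts in tracks.items():
        start = 0
        for i in range(1, len(pts) + 1):
            # A run ends at the last sighting or when the key goes quiet too long.
            if i == len(pts) or pts[i][0] - pts[i - 1][0] > max_gap_s:
                run = pts[start:i]
                duration = run[-1][0] - run[0][0]
                # Max displacement from the run's start; ignores GPS jitter at rest.
                moved = max(haversine_m(run[0][1], p) for _, p in run)
                if duration >= min_duration_s and moved >= min_distance_m:
                    flagged[kid] = (duration, round(moved))
                start = i
    return flagged

# Constructed sample: one sighting per minute, positions are the phone's own.
route = [(52.0 + 0.001 * m, 13.0) for m in range(16)]          # ~1.7 km walk
SAMPLE = (
    [(60 * m, route[m], b"tag-A-constructed") for m in range(16)]   # whole walk
    + [(60 * m, route[m], b"tag-B-constructed") for m in range(4)]  # drops off early
    + [(2000 + 60 * m, route[-1], b"tag-C-constructed") for m in range(21)]  # at rest
)

if __name__ == "__main__":
    for kid, (dur, dist) in traveling_with_me(SAMPLE).items():
        print(f"key {kid} followed for {dur}s over {dist} m")
```

Only tag A is flagged: tag B is not heard for long enough, and tag C is heard for 20 minutes while the phone never moves. A key rotation starts a new track, so this sketch only follows a tag within one key's lifetime.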

1 comments

I think an important part you might’ve missed is that the tag has to be away from its owner to be considered stalking you. If two strangers ride a train together, their AirTags won’t be considered stalking each other.
That is the test in the first two bullet points. If the AirTags don’t listen then you’d have to add an “I am responsible for that AirTag” broadcast message from the responsible device. But I kind of suspect they do listen, if only for a short period after a beacon message. They need to get their public keys from somewhere.