by Xx25 1383 days ago
Was reading about Apple's "Find My" network. This caught my eye: "The traffic sent to Apple by finder devices contains no authentication information in the contents or headers."

This allows anyone to write a program and act as a finder device. You can report whatever location you want of the "found" device. Send your stalker to the location of your choice :)

1 comment

The context of the quote is found here [0]:

> In addition to making sure that location information and other data are fully encrypted, participants’ identities remain private from each other and from Apple.

I don't know that it matters whether or not there's any authentication information. If you could get your Apple device to misreport its location (would need jailbreaking for iOS probably)[1], maybe you could fool the Find My network into reporting the AirTag is elsewhere.

[0]: https://support.apple.com/guide/security/find-my-security-se...

[1]: This would likely need to be quite involved, considering location may be determined from a combination of IP, Bluetooth, WiFi, GPS, etc., although I'd be surprised if there aren't already tools available to do that, especially on macOS.