Hacker News new | ask | show | jobs
by pyronik19 505 days ago
Would there be a way for the bluetooth device to rotate its broadcast keys in a predictable way to avoid the iphone notification of "unknown airtag close by" messages? Seems like this could be exploited for surveillance.
3 comments
alphan0n 505 days ago
Yes, the FindYou project [0] has shown this to be possible.

[0] https://github.com/positive-security/find-you

link
mrshadowgoose 505 days ago
Sure, that works.

One can also just cycle through a sufficiently large bank of pre-allocated keys, such that a findmy receiver doesn't see the same key too frequently.

link
denysvitali 505 days ago
You just need to derive a new key, this process is already part of the protocol to avoid being tracked while you wear your airtag
link
denysvitali 505 days ago
Technically it would need to rotate every 15 minutes or so - the notification you're talking about happens when the device is in "lost mode" (away from its owner): in that case the key is rotate every 24 hours
link