1. At setup, Find My generates a private key shared to all your Apple devices.
2. The private key generates a perpetual sequence of public keys. These change (iterate to the next) "frequently".
3. The rotating public key is shared across all (including other people's) Apple devices via Bluetooth and can even do this when it's off.
4. The shared scheme pings to Apple's central system and uploads A. hashes of the public keys in the area and B. the location.
5. When you try to find a device you send your hashed public key to Apple's server and they return the last picked up location (encrypted). (You thus need at least 2 Apple devices, one to find the other. Also, they don't say how the previously iterated public keys are remembered.)
- Loss of a companion device that was never found and it took the private keys with it
- Got a new companion device
How do I reset the keys and how do I make sure a thief can't reset these?
1. Resell - you turn off 'Find My' on your phone and sign out of iCloud then wipe the device
2. Loss - Go into iCloud and mark the device as lost. Not sure what this means for finding other devices
3. New companion device - sign it into iCloud.
A regular gps tracker would need much more energy.
Edit: another scenario, leave it in an isolated hut. If I get a signal, someone is close to the hut.
Edit 2: if I piggyback the protocol and can manipulate the key schedule (choose key A or B) then I can leak one bit of information through the third party phone. The third party phone may be allowed to communicate while my sender isn’t.
You could do that already with a device, just by making an app that listens for Bluetooth or WiFi traffic. You’d also be able to grab MAC addresses of the nearby phones. Your ‘exploit’ isn’t revealing any more than you can already discover today.
If you build your own BT or WiFi sniffer, you won't be able to piggyback on someone else's internet connectivity.
You could do the same thing with a regular phone with an app that uses GPS. Just attach a powerbank if you're concerned about the power.
To me just the fact that these things are on when you ask for them to be off is problematic.
I first saw this tech, I think, 9 years ago when I first encountered a "bluetooth spam" device.
So effectively none. I've never even heard of Tile before this. Leveraging the whole Apple ecosystem for this sounds a lot more promising and will probably kill any competitor that depends on installing an app, even if that supports multiple platforms.
Edit: Maybe Apple will introduce tiny key fobs that can be tracked so you can find your keys or other things.
This is strongly rumored. It may also fall into the bucket of technology they license out, such as HomeKit.
You can then use the IPs to identify who are A and B.
Far easier and more reliable than using a phone.
I wonder if you can turn off "Find My" just like "find my iphone" and it will prevent these sorts of things.
No guarantees are provided that this network, under Apple's exclusive control, won't relay other types of information.
This seems to be saying that Apple has a big mesh network play ready sometime soon.
Want to bet they have a good idea of coverage already and need some testing - they might not be able to see your location but they will see the location of every phone passing your public key encrypted bits back - they get to test their mesh network? Or am I missing something?
Someone needs to push mesh networking on a more consumer level, if it has to be Apple, so be it.
My understanding is that (in this scheme) all location data is encrypted by keys unknown to Apple, i.e. the reporter uses the lost device’s public key to encrypt its location and transmits it together with the hash of the key.
However, Apple seems to be able to infer proximity of two reporters, as described here
Edit: except if the Lost device is controlled by Apple, then they can decrypt the location of the reporting device.
I had not heard of it before.
Edit: This other comment in the thread points at an article with some guesses as to how it might work. It mentions a system called Elgamal that has a scheme somewhat like my description above: https://news.ycombinator.com/item?id=20134956
Used by some cryptocurrencies (like Monero) to implement stealth addresses. Allows the sender to derive a new public key for each message sent and the receiver to derive the corresponding private key.
Or quite possibly it's just using the current time as a nonce. I believe nonces are public info anyway and it doesn't matter if it's predictable (they're often incremental).
Edit: Because people get used to adding 's to indicate possession. I don't always do it, but it happens.
Just one small anecdote, but I can't imagine many departments taking it upon themselves to do so.
Be sure to bring this up the next time the city asks for a tax increase for police funding.
If you're a thief and you want the phone to stop broadcasting, AFAIK you can just turn it off (as opposed to leaving it in sleep mode). But you'll have to deal with Activation Lock, which has been around for years and makes the phone a brick without the original owner's Apple ID. The new feature, on the other hand, is more applicable to devices that are just lost, not stolen.
Yes, but (1) that increases the difficulty of stealing such devices and (2) doesn’t help opportunistic or stupid thieves. Nobody is claiming that Find My makes Apple products unstealable.
I’ve never known the police to do anything about stolen property. Even stolen cars don’t seem to be investigated.
I’d suspect they’re using something similar to Moxie’s Double Ratchet algorithm since it’s got some years of real world usage.
Still not bad though since the public keys are being stored on the devices.
They wouldn't know specifically what data was in the encrypted message, but with enough attributes (IP, time, Apple ID, etc) they could obviously gather a high-confidence amount of tracking data still.
I don't use it and have some reservations as Apple’s iCloud services still do not provide end-to-end encryption.
I'd be interested to see what Matt Green has seen.
Because it is not like I will fly to some other country to catch the thief or new owner of my stolen device.
An aside: what would happen if you wipe macOS and install another base operating system?
That is, if the Mac is locked with Activation Lock, it wouldn't be possible to install another OS; the firmware itself will lock the user out of the computer entirely until the machine is unlocked. This dissuades thieves from stealing your MacBook as it will effectively be useless for anything other than parts, and most thieves aren't in the tiny-amounts-of-aluminium-relative-to-if-they-just-stole-cars recycling business.
I clarify because I don't want anybody thinking one is entirely unable to install another OS at all. That is possible, but of course you lose out on macOS features like Activation Lock.
Are the addresses only randomised for broadcast / new pairs?
This sounds like a great way to track shoppers in, for example, a shopping mall.
If the BLE beacon is broadcasting at a predetermined rate this may also extend tracking past the rotation of keys, right?
Supposing Apple can't infer the precise location of every user, they still can infer the social graph.
Long story short, Apple, cell tower operators, and mobile providers already have all the data they’d need to make these graphs. If this functions as designed, it will contain much less information and wouldn’t be useful for this purpose (i.e. encrypt requests and don’t pass IP info with them to any systems that have the ability to decrypt them. If you make a few hops to the systems which have the ability to decrypt them and don’t share correlation IDs or the origin IP, there’s no way to correlate these requests back to which device sent them or what IP or cell tower it had).
That is to say: the asym crypto may strongly protect the precise (GPS or LTE triangulation) location from Apple and from others, but I do not see how a cloud-based system can ever hide coarse location from Apple and/or from governments as, given the short range of BT, they can reliably infer that a device (and hence its owner) is/was near whatever IP sends the encrypted precise location to their cloud. Then it's just a matter of mapping the device's "randomized" ID back to an actual user/phone. That seems easy enough as soon as a second device accesses it from an IP that's mappable to a specific residential address, Apple account, etc.
A and B both log into iTunes or some other Apple service using email@example.com and firstname.lastname@example.org from HOMEIP at some point in the past. HOMEIP is never used by any other Apple accounts.
A(lice) and B(ob) exchange a secret and otherwise begin participating in this "private" tracking scheme.
A goes out shopping and while there it pushes its encrypted precise location to the Apple cloud, using random ID 424242, from MALLIP. Perhaps A's device sends it directly, or perhaps it's relayed from BT to Mall wifi to Cloud by C's device if A has both LTE and wifi disabled.
A few minutes later S(omeone) requests encrypted location for random ID 424242, from HOMEIP.
Apple (and any government compelling it to share information) can reliably infer that "Someone" was A or B attempting to track either B or A, and that the tracked phone was at/near the business address of MALLIP - their coarse location - even if they can't decrypt the precise location without the secret key. If you know from public records that A and B are married, and assume that women are more likely to be at a mall on their own than men, you may further assume that A is at the Mall while B is at home.
Result: the "private"/"encrypted" precise location beaconing has an unfixable metadata side channel that will leak coarse location data to Apple and to any governments that compel it.
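The inference described in the comment above, as an added example that is not part of the original thread: it joins upload and query records on the shared random ID and resolves both source IPs, then repeats the join with origin IPs stripped, the variant other commenters raise. The record layout, field names, account labels and the `strip_origin` helper are assumptions; all data is constructed.

```python
from collections import defaultdict

# Constructed sample records mirroring the comment's scenario; every value is made up.
LOGINS = [("account-A", "HOMEIP"), ("account-B", "HOMEIP"), ("account-C", "CAFEIP")]
IP_PLACES = {"MALLIP": "shopping mall", "CAFEIP": "cafe"}
UPLOADS = [{"id": "424242", "src_ip": "MALLIP", "t": 1000},
           {"id": "777777", "src_ip": "CAFEIP", "t": 1100}]
QUERIES = [{"id": "424242", "src_ip": "HOMEIP", "t": 1300}]


def correlate(uploads, queries, logins, ip_places, window=600):
    """Join uploads and queries on the shared ID, then resolve both source IPs."""
    accounts_by_ip = defaultdict(set)
    for account, ip in logins:
        accounts_by_ip[ip].add(account)
    inferences = []
    for q in queries:
        for u in uploads:
            same_id = u["id"] == q["id"]
            recent = 0 <= q["t"] - u["t"] <= window
            if not (same_id and recent):
                continue
            # Without both origin IPs the join yields nothing attributable.
            if u["src_ip"] is None or q["src_ip"] is None:
                continue
            inferences.append({
                "id": q["id"],
                "accounts": sorted(accounts_by_ip.get(q["src_ip"], ())),
                "coarse_location": ip_places.get(u["src_ip"], "unknown"),
            })
    return inferences


def strip_origin(records):
    """Hypothetical relay hop that drops the origin IP before the ID is visible."""
    return [{**r, "src_ip": None} for r in records]


if __name__ == "__main__":
    print(correlate(UPLOADS, QUERIES, LOGINS, IP_PLACES))
    print(correlate(strip_origin(UPLOADS), strip_origin(QUERIES), LOGINS, IP_PLACES))
```

The first call attributes ID 424242 to the two accounts seen at HOMEIP and places the tracked device at the mall; the second returns nothing because no record carries both the ID and an origin IP.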
There's... not much that can be done about that, and there's no need for the scare quotes on the words private or encrypted. Any encrypted communication still uses an IP address that can be mapped to a coarse location; this isn't an Apple related thing.
If you want to be able to find your device (it's opt-in), it needs to relay its location via the Internet. Doing so requires an IP address, which can indeed be mapped to a coarse location in some cases (my own home IP address is totally useless, it says I'm in London when I'm on the other side of the country). I'm not sure what the big deal is.
Well, the Internet does not strictly require all traffic between two parties to go through a MegaCo Cloud. Location privacy in this system would appear to be greatly enhanced (vs Apple-as-an-adversary) if A and B communicated directly, or through a server that they controlled, instead of through iCloud. In concise security terms, Apple man-in-the-middles the encrypted traffic in this system and thus may perform traffic analysis, deanonymization-via-inference, etc as I said above.
It's certainly true that NAT, firewalls, and a lot of other things make direct communication between two iDevices inconvenient and frequently impossible - that's fine and fair enough. But then the Company should not be making at least partially untrue privacy and anonymity claims that are essentially impossible to satisfy when by design all of the traffic flows through their cloud.
AFAICT Apple (and likely its host governments) will still need to be trusted parties in any scheme that flows through their infra, unless you care only about protecting your precise location, and are willing to expose your coarse location to them.
To be clear, they may already have that info from other services, and you'll have to trust Apple a lot anyway since they're making the phone and some custom silicon within it. And them having coarse location is certainly preferable to them having precise location data - so this system (as we are inferring it to work) is not worthless, and is still an improvement over a naive implementation.
But real internet anonymity and location privacy is hard to achieve; just ask any Tor developer. So please don't let the marketing dept openly claim that, or even imply that, when the claim can't realistically survive a two minute security audit by HN infosec nerds. To be specific the WWDC claims that "this whole interaction is ... anonymous" and "there’s no need to worry about your ... privacy" are what I am taking some issue with here.
Of course any of the intermediate machines could be tracking this data for correlation purposes but it should be possible to strip it along the way.
If the request data containing the 424242 is encrypted and only the machine without origin info has access to that identifier, how would you know the request is for 424242?
- A and B connect from same home network with their apple IDs
- B checks location of someone (you assume it is A)
- so we have A’s coarse location
Depending on implementation details, the random IDs you mentioned need not be the same when submitting and querying (and probably are not).
Still miss the larger picture. Now the genie is out, a country will have technology to monitor all things and people all the time.
The world is not just Apple. Someone will use the same idea to do evil behind this.
And even Apple has to work inside, say, China and follow their law. What if they ask ...
We have been here before. Internet!
The links to us all. The freedom to publish and share. Then someone turned it into a way to record and monitor everything you said. And e-wall the whole country and round up any people they do not like.
Good luck. Guess technology is neutral. It is not its fault. But beware of the gift from clever Greek. Or in that story the golden Apple.
The genie has been out for a long time. Apple is using existing technologies to achieve this.
> Someone will use the same idea to do evil behind this.
Where have you been the past few years? You are already being tracked everywhere.
If you'd like to know more specifics, please feel free to contact me.