Hacker News new | past | comments | ask | show | jobs | submit login

How does Apple prevent me from using this to track random people based for instance on their Bluetooth headphones?



If you are within BLE range you can "track" someone, but that is already the case with wifi/bluetooth in general.

Even known the public key, you can download the encrypted reports from Apple, but since you don't have the private key you can't decrypt the location messages.


That's why devices that aren't intended to be beacons are supposed to enable address randomization. It still has some security issues and undirected advertising of unique public keys obviously defeats the point, but it's more difficult to track than classic devices were.



You would have to flash their headphones with custom firmware to do this. Take a look at https://github.com/seemoo-lab/openhaystack#how-does-apples-f...


All right, so it isn’t normal Bluetooth devices but requires a special feature in the device.




Consider applying for YC's Spring batch! Applications are open till Feb 11.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: