Apple Find My network exploit gets iPhones to send arbitrary data

JC Torres - May 13, 2021, 1:53am CDT
Apple Find My network exploit gets iPhones to send arbitrary data

New Bluetooth-enabled item trackers would have flown under the radar in most announcements but since Apple made them, the new AirTags have landed at the center of attention in more ways than one. Apple’s newest nondescript accessory has irked rivals like Tile who are complaining about the company’s anticompetitive behavior once again but has also raised concerns among privacy advocates and security researchers alike. A new study, for example, shows just how easy it is to abuse the convenience Apple’s Find My network offers to do unauthorized by thankfully still harmless things.

Part of what makes Apple’s new AirTags special is how it seamlessly works on its Find My network. It practically uses every iPhone within range to pinpoint and report its location because the trackers themselves don’t connect to the Internet. It’s basically a crowdsourced type of item search, and that’s sort of where the trouble begins.

The AirTags apparently broadcast their locations through an encrypted message and a security researcher revealed how easy it is to send something else in that encrypted data. iPhones also apparently don’t do any sort of sanity check and that it could be made to transmit that data to the Internet using the phone’s data connection.

At the moment, however, the proof of concept exploit seems to be just that. The encrypted data that an AirTag can send is so small that there’s no danger of draining an iPhone’s data allocation dry. It also doesn’t seem to have any other exploitable behavior, at least for now.

It does, however, paint the AirTag again in a rather negative light. It also gives privacy advocates more ammo against Apple’s claims of its privacy focus, at least with these tracking accessories. It can, however, be easily fixed by some firmware updates, hopefully, before more and worse holes are found.


Must Read Bits & Bytes