December 19, 2024
Security Researchers Reverse Engineer Apple's Find My Network, Launch OpenHaystack Framework for Deploying Your Own 'AirTags' 

Security Researchers Reverse Engineer Apple's Find My Network, Launch OpenHaystack Framework for Deploying Your Own 'AirTags' 

Posted March 4, 2021 at 8:42pm by iClarified
Security researchers from the Secure Mobile Networking Lab of TU Darmstadt have announced the release of OpenHaystack, an application that allows you to create your own tags that are tracked by Apple's Find My network.

OpenHaystack is the result of reverse-engineering and security analysis work of Apple's Find My network (or offline finding).

We at the Secure Mobile Networking Lab of TU Darmstadt started analyzing offline finding after its initial announcement in June 2019. We identified how Apple devices can be found by iPhones devices, even when they are offline through this work. The whole system is a clever combination of Bluetooth advertisements, public-key cryptography, and a central database of encrypted location reports. We disclosed a specification of the closed parts of offline finding and conducted a comprehensive security and privacy analysis. We found two distinct vulnerabilities. The most severe one, which allowed a malicious application to access location data, has meanwhile been fixed by Apple (CVE-2020-9986).


Using a Mac and a BBC micro:bit or any other Bluetooth-capable device, developers can create their own tags that are tracked by Apple's Find My network. The OpenHaystack app will locate your micro:bit tag anywhere on earth without cellular coverage. This is possible because nearby iPhones will discover the tag and upload its location to Apple's servers.

Notably, iOS 14.5 beta 3 has introduced a new Items tab in Find My that will allow users to track third party items and presumably AirTags when they are released.

You can learn more about how to use OpenHaystack and its limitations at the link below.

Read More



Security Researchers Reverse Engineer Apple's Find My Network, Launch OpenHaystack Framework for Deploying Your Own 'AirTags' 
Add Comment
Would you like to be notified when someone replies or adds a new comment?
Yes (All Threads)
Yes (This Thread Only)
No
iClarified Icon
Notifications
Would you like to be notified when we post a new Apple news article or tutorial?
Yes
No
Comments
You must login or register to add a comment...
Recent. Read the latest Apple News.
RECENT
Tutorials. Help is here.
TUTORIALS
Where to Download macOS Sequoia
Where to Download macOS Ventura
AppleTV Firmware Download Locations
Where To Download iPad Firmware Files From
Where To Download iPhone Firmware Files From
Deals. Save on Apple devices and accessories.
DEALS