Security Researchers Develop Framework for Tracking Bluetooth Devices Using Find My

by

Ahead of the debut of AirTags and support for locating third-party Bluetooth items through Find My in iOS 14.5, a team of security researchers from the Secure Mobile Networking Lab at the Technical University of Darmstadt in Germany has reverse engineered the ‌Find My‌ protocol and developed an app that's designed to let anyone create an "AirTag" based on a Bluetooth-capable device.

openhaystack mac app
Called OpenHaystack, the app and the source code are available on GitHub for those who are interested in taking a look. The app allows users to create their own Bluetooth tags based on the ‌Find My‌ network by installing an "AirTag" firmware image on a Bluetooth dongle.

The app displays the most recent location of a created Bluetooth tag reported by any iPhone using Apple's ‌Find My‌ network that was implemented in iOS 13, plus it shows the location of the tag on a map.

According to the security researchers, the created tags send out Bluetooth beacons, which are picked up by nearby iPhones that interpret the sending device as lost. The current geolocation is end-to-end encrypted and then uploaded to Apple, with the OpenHaystack app then downloading the encrypted report from Apple and decrypting it locally on the Mac.

In the process of developing this tool, the Secure Mobile Networking Lab researchers also identified a macOS Catalina ‌Find My‌ vulnerability that was reported to Apple and addressed in a 10.15.7 update released back in November. The vulnerability allowed a malicious app to access iCloud decryption keys to download and decrypt location reports submitted by the ‌Find My‌ network.

Apple's iOS 14.5 update includes support for tracking third-party Bluetooth devices in the ‌Find My‌ app using a new "Items" tab, which takes advantage of the same ‌Find My‌ protocol used for the Mac app.

At the current time, in-app tracking is limited to Beats headphones and upcoming Belkin wireless earbuds, but in the future, many third-party Bluetooth devices may include ‌Find My‌ integration, making it easier to keep track of them. This system will also be used by Apple's own rumored AirTags, which have yet to be released.

Tag: Find My Guide

Top Rated Comments

Apple_Robert Avatar
Apple_Robert
12 months ago

This is good stuff guys! Apple is on top of it
Apple is on top of it? What does that mean?
Score: 7 Votes (Like | Disagree)
coolfactor Avatar
coolfactor
12 months ago
This strikes me as concerning.
Score: 6 Votes (Like | Disagree)
Corsig Avatar
Corsig
12 months ago
Yeah that won’t last long
Score: 5 Votes (Like | Disagree)
Apple_Robert Avatar
Apple_Robert
12 months ago

The privacy.. security...
The article is about a couple of researchers creating an app that reverse engineers Find My. This isn't awesome stuff. This is concerning.

Edited to correct my misunderstanding.
Score: 5 Votes (Like | Disagree)
cmaier Avatar
cmaier
12 months ago

Awesome! Let’s hope Apple don’t try to patch this.
Why not? Security holes are bad. Anyone who wants to integrate into the Find My network can do so the official way.
Score: 5 Votes (Like | Disagree)
Apple_Robert Avatar
Apple_Robert
12 months ago

Awesome! Let’s hope Apple don’t try to patch this.
I hope Apple does patch the vulnerability and render this app useless.
Score: 4 Votes (Like | Disagree)
Read All Comments

Related Stories

find my third party iphone

Find My's New Third-Party Accessory Support Works With iOS 14.3 and Later

Wednesday April 7, 2021 11:54 am PDT by
Apple today announced the launch of its Find My network accessory program, allowing compatible third-party accessories to be tracked in the ‌Find My‌ app right alongside Apple devices. The first products that work with the Find My app will include a new Chipolo item tracker, Belkin earbuds, and select VanMoof e-bikes. While it was initially suspected that Find My's third-party accessory...
Read Full Article26 comments
airtag shipped order

AirTag Orders Moving to 'Shipped' Status for More Customers

Thursday April 29, 2021 5:44 am PDT by
AirTag orders are beginning to be marked as "shipped" for more customers on Apple's online store around the world, with most deliveries set to begin arriving to customers on Friday, April 30 launch day. A few lucky customers already received their AirTag orders earlier this week, providing us with a closer look at the unboxing experience. Priced at $29 each or $99 for a four pack, users can ...
Read Full Article63 comments
f1618938547

Apple Announces AirTag Tracking Devices Starting At $29 Each

Tuesday April 20, 2021 10:10 am PDT by
Apple today announced AirTag, a Tile-like Bluetooth tracking device that's designed to be attached to items like keys and wallets for tracking purposes, letting you find them right in the Find My app. AirTags are accessories for attaching to backpacks, luggage, and other items. Any U1 device like the iPhone 12 can be used for precision finding to guide you right to the item you're looking...
Read Full Article259 comments
airtag precision finding

AirTag Includes U1 Chip for 'Precision Finding' Feature

Tuesday April 20, 2021 12:11 pm PDT by
Apple's long-awaited AirTag was finally unveiled today, and as expected, the small circle-shaped accessories can be attached to items like wallets, keys, and more to allow them to be tracked in the Find My app. As was rumored ahead of release, each AirTag is equipped with a U1 chip, and on devices that also have U1 chips, there's a Precision Finding feature. U1 Ultra Wideband chips are...
Read Full Article141 comments
f1618938547

Apple Began Preparing for AirTag Regulatory Approval Nearly Two Years Ago

Friday April 23, 2021 1:59 pm PDT by
FCC filings for Apple's newly released AirTags have revealed that the Cupertino tech giant began regulatory testing and preparing to seek regulatory approval for the product nearly two years before they were officially announced. A series of documents submitted to the Federal Communications Commission indicate that AirTag underwent testing for official certification between July and...
Read Full Article72 comments
apple find my network

Apple Announces Find My Network With Support for Third-Party Devices

Wednesday April 7, 2021 10:06 am PDT by
Apple today announced the launch of its Find My network accessory program, which is designed to allow third-party Bluetooth devices to be tracked in the Find My app right alongside your Apple devices. According to Apple, the first accessory companies to take advantage of the new Find My integration include Belkin, Chipolo, and VanMoof, with devices set to be available beginning next week. ...
Read Full Article127 comments
chipolo one spot iphone

Chipolo ONE Spot Now Available to Pre-Order as Cheaper AirTag Alternative With Find My Integration

Wednesday May 12, 2021 7:32 am PDT by
Last month, Apple opened up its Find My app to third-party device manufacturers, allowing for third-party products to be tracked in the Find My app right alongside Apple devices. Chipolo is one of the first brands to offer this functionality with its new ONE Spot item tracker, which is now available to pre-order in the United States and many other countries, with pricing set at $28...
Read Full Article78 comments
Apple airtag accessories bag 042021 big carousel

What to Know if You Plan to Travel Abroad With AirTags

Friday April 23, 2021 7:10 am PDT by
Apple's new AirTag item trackers are ideal for attaching to things like bags and luggage cases, which makes it likely they'll become popular with travelers and backpackers who want to keep tabs on their personal possessions abroad. For this reason, it's worth remembering which AirTag features work wherever you are, which ones depend on you being nearby the AirTag, and which functions aren't...
Read Full Article194 comments

Popular Stories

AirPods Pro Gen 3 Mock Feature Red

AirPods Pro 2 Could Start a New Accessory Ecosystem

Friday January 14, 2022 2:34 am PST by
Apple's second-generation AirPods Pro could arrive alongside a new series of accessories, recent leaked images suggest. Alleged leaked photos of the next-generation AirPods Pro obtained by MacRumors showed a charging case with a metal loop on the side for attaching a strap. Apple has not used this design for any of its other AirPod models and it is unclear why it would be added in this...
Read Full Article
netflix2

Netflix Again Raises Prices for All Plans, 4K Streaming Now $20 Per Month

Friday January 14, 2022 12:46 pm PST by
Netflix today updated the prices for its streaming plans, and all of its offerings are now more expensive. The Basic plan is now priced at $9.99 per month, the Standard plan is priced at $15.49 per month, and the Premium plan is priced at $19.99 per month. The Basic plan is $1 more expensive, up from $8.99 per month. This plan allows users to watch on just one screen at a time, and it limits ...
Read Full Article381 comments
iPhone 14 Mock pill and hole 16x9 120hz

Analyst: All iPhone 14 Models to Feature 120Hz Displays, 6GB of RAM, and More

Friday January 14, 2022 7:02 am PST by
Apple is rumored to announce four new iPhone 14 models in September, and ahead of time, analyst Jeff Pu has outlined his expectations for the devices. In a research note with Haitong International Securities, obtained by MacRumors, Pu claimed that all iPhone 14 models will feature ProMotion displays, compared to only Pro models currently. ProMotion enables a variable refresh rate up to 120Hz ...
Read Full Article74 comments
Unlikely Products 2022 Feature

Six Rumored Apple Products You're Unlikely to See This Year

Saturday January 15, 2022 2:06 pm PST by
Much has been said about what consumers could see from Apple in 2022, but the company is also working on a handful of rumored products that aren't expected to be unveiled for at least another 12 months, and in some cases a lot longer. Of course, that's assuming they get released at all. Apple works on many potential products some of which ultimately never see the light of day. With that in...
Read Full Article64 comments
top stories 20220115

Top Stories: iPhone 14 Pro Rumors, iCloud Private Relay Controversy, iOS 15.2.1 Released, and More

Saturday January 15, 2022 6:00 am PST by
Hole-punch? Pill? Hole-punch and pill? Rumors about what the front camera system on the iPhone 14 Pro will look like are evolving rapidly, and it now appears we might be getting a novel but potentially controversial design later this year. Other major stories this week included some confusion and controversy about iCloud Private Relay being disabled for some T-Mobile customers, increasing...
Read Full Article10 comments
iPhone 14 Mock pill and hole thumb

ProMotion Now Expected to Remain Exclusive to iPhone 14 Pro Models, Not Expand to Entire Lineup

Sunday January 16, 2022 8:56 am PST by
Continuing the tradition set with the iPhone 13 Pro, only the highest-end iPhone 14 models will feature Apple's ProMotion display technology, according to a respected display analyst. Ross Young, who on multiple occasions has detailed accurate information about Apple's future products, said in a tweet that ProMotion will not be expanded to the entire iPhone 14 lineup and will remain...
Read Full Article76 comments
iPad Pro Big Ol Logo Orange

Next iPad Pro Might Feature Large Glass Apple Logo to Allow Wireless Charging

Friday January 14, 2022 10:44 am PST by
Bloomberg's Mark Gurman and Debby Wu last year reported that Apple had tested a new iPad Pro with a glass back for wireless charging capabilities. In a recent edition of his newsletter, Gurman said he expects the new iPad Pro to be released in 2022. While the new iPad Pro is still on track to feature wireless charging, 9to5Mac's Filipe Espósito today reported that Apple may have ultimately...
Read Full Article128 comments
ipad air 4 video

New iPad Air Rumored to Launch This Spring With A15 Chip, 5G, Center Stage Camera, and More

Saturday January 15, 2022 8:05 pm PST by
Apple is planning to release a fifth-generation iPad Air with similar features as the sixth-generation iPad mini, including an A15 Bionic chip, 12-megapixel Ultra Wide front camera with Center Stage support, 5G for cellular models, and Quad-LED True Tone flash, according to Japanese blog Mac Otakara. Citing reliables sources in China, the report claims that the new iPad Air could be...
Read Full Article107 comments