Apple AirTag

Main article: What is the Internet of things (Internet of Things, IoT)

2022

Firmware 1.0.301 for easy tracking mark search

On May 2, 2022, it became known that Apple released a firmware update 1.0.301 for AirTag and made the gadget louder, making it easier to detect someone else's tracking tag.

This feature will make it easier to find a spy tracker.

The feature is supported and automatically loaded in iOS 14.5 or later. The user can check the presence of firmware in the Locator application in the Things tab. After clicking on the label, the application will report the installed version. If no update is available, it will be downloaded later.

In February 2022, labels with a disabled audio signal were sold on the network. Quickly discovering the problem, Apple announced work with law enforcement agencies on the illegal use of AirTag and outlined a plan for future changes.

It also plans to improve its tracker alert system. In addition, in beta version iOS 15.4, during the configuration of the AirTag, a warning appeared about the illegal use of surveillance tags.

AirTag is a miniature coin-sized device for searching for missing items such as a key, wallet, bicycle and any other item. However, users reported the use of a beacon to harass people, hijacking cars and other illegal actions^[1]

Use for surveillance

On February 25, 2022, it became known that the appearance of reports that Apple was AirTag used for malicious purposes forced Apple to take urgent measures to prevent the misuse of gadgets, whose purpose is to help users search for lost things. Apple developers announced the update on February 10 and released a statement called "Update AirTag and unwanted tracking."

However, a cyber security specialist from Positive Security by creating a clone of AirTag showed that anti-tracking protection of the beacon and the Find My network can be deceived by attackers.

At the same time, expert Fabian Brownlein said that his methodology is quite obvious and allows you to develop simple methods for bypassing protection AirTag. The modification of the Apple tracker clone allows you to track the user for five days. At the same time smartphone , there will be no messages about this on the user, but the AirTag will be silent. The simulated clone was not linked to the real Apple ID account and was registered through an anonymous record, which did not pass any identity verification.

A particular tracker can be identified by the time it is located near the user. To deceive the protection of AirTag, the researcher used a list of 2 thousand pre-loaded public keys. After every half a minute, the clone broadcast a new key, which made it possible to identify the device as new. It will take about 17 hours to complete all keys, and then the cycle will be restarted.

The clone AirTag based on a microcontroller with a Bluetooth ESP32 module. The expert pointed out that the problem of the FindMy system lies in imperfect software, and not in the hardware base of the AirTag.^[2]

2021

Use for car theft

Criminals steal cars with the help of Apple AirTag. This became known on December 6, 2021.

Hijackers attach AirTag to their car in a public parking lot, track it to the house, and then steal it from the driveway.

AirTag can be attached to any object and no longer worry that it will be lost. With hundreds of millions of iPhone, the company can find any lost item to which AirTags is attached. The tracker pings nearby iPhone, and then they send location data AirTag its owner. This information is sent only to the owner, and no one else has access to it, even Apple.

According to the York Regional Police (Ontario, Canada), the number of cases of using AirTag to determine the location of the car owner's house has increased significantly. Since September 2021, police have been investigating the hijacking of five high-end cars using AirTags.

After tracing the car to the house, the hijackers open it with a screwdriver, and then reprogram the car through the port for diagnostics so that it can be started using the ignition key that the criminals took with them. Thus, hijackers start a car and hide from sight.

The police recommend that car owners take several security measures to protect their vehicle from such theft. Firstly, leave the car if possible in a closed garage, and not at the house. Secondly, it is recommended to use wheel lockers and turn on the lock on the diagnostic port. Thirdly, it will not be superfluous to install a video surveillance system. In addition, it is recommended to regularly inspect the car for presence on it AirTag^[3].

Apple AirTag turns users into unwitting spies in a huge surveillance network

On May 17, 2021, it became known that the mobile version operating system iOS 14.5 from the company Apple received a security function that protects users from unwanted surveillance of their actions by the side. applications However, in iOS 14.5 there was also support for the Apple AirTag tracker, which can be used as a spy gadget.

Apple AirTag is a miniature device in the form of a metal badge attached to keys, wallets, bags and other things that tend to be lost. The device periodically sends signals that allow you to track its location and find lost things using Find My. Despite the obvious benefit, AirTag can also pose a threat and be misused, for example, for prosecution.

The euphemistic description of the technology as a "crowdsourcing" method of detecting lost objects contradicts how these objects are actually tracked. So, the close marketing materials do not mention the fact that AirTags can only work when connected to an Apple-controlled surveillance network, the unwitting members of which are millions of users.

Each icon passes a unique identifier using Bluetooth. Any compatible Apple device in range (up to 100 meters in ideal conditions) captures this signal and transmits the identifier to Apple servers along with its own location data. The icon owner can then log in to their Find My app, access location data, and find a lost item.

The AirTags device in itself has no possibility of positioning - it has no support of GPS. Instead, the next Bluetooth-enabled device is pinched, and everything else is done with the device's location.

In addition to Bluetooth, AirTags also uses a technology called Ultra Wideband. This feature is only supported by Apple devices, such as iPhone 11 and iPhone 12, and allows you to more accurately track your location. This accuracy extends to the definition of direction - from now on iPhone can literally indicate AirTags.

Although the actual nature of the data transmitted is not alarming (icon ID and location), the scale and number of devices involved is alarming. Using AirTag means using a global monitoring network that includes millions of devices. All iPhone (provided Bluetooth is enabled) "listen" to AirTags. When the device "hears" the icon, it downloads information about its ID, as well as its location to Apple servers.

According to Apple, it has introduced a number of security measures to detect and prevent attempts to use AirTags for harassment. In particular, the company has implemented warnings that are triggered if there is a suspicion that the AirTag is not used by its owner. The notification can be displayed on the victim's phone (if she is using the iPhone), as well as a sound alert on the icon itself. However, these security measures are relatively easy to circumvent.

As the results of the experiment showed, writes The Guardian, AirTag can be attached to a person, and in this case no security measures (with a fairly regular reconnection to the pursuer device) work.

Alerts can be disabled. As AirTags and similar devices become more common, users inevitably face a growing number of notifications. As with other common warnings, many users get tired of seeing them and turn them off.

Only a matter of time before AirTags are hacked and misused.

In addition to privacy issues, there may also be a problem using mobile traffic. Most likely, in most cases, spending data does not cause any inconvenience, but during a trip abroad, the user may face unforeseen expenses if he forgets to turn off roaming^[4].

2020: Unannounced product AirTag mentioned in official video

On April 2, 2020, Apple "talked" about developing a new accessory - AirTag - designed to find lost things.

The company published in YouTube a video instruction on how to reset iPhone to factory settings. Showing the screen of the smartphone, the presenter of the video indicated the need to turn off the "Find iPhone" function in order to perform a reset.

In addition to the "Find iPhone" slider, two more were displayed on the same iPhone screen - Enable Offline Finding and Send Last Location.

Under the Enable Offline Finding slider "Offline finding enables this device and AirTags to be found when not connected to Wi-Fi or cellular" was written ("Offline search allows to find this device and AirTags in the absence of connection to Wi-Fi or cellular network").

AirTag - the name of the product that is not present in the Apple nomenclature today.

It is assumed that the AirTag will be a tiny device - a label - that can be attached to objects such as keys, wallet, documents, so that in case of loss their location can be determined in the application on the smartphone.

For the first time, assumptions about such a device Apple appeared in 2019.

According to preliminary information, the device will send location data through the Bluetooth interface, and be powered by a CR2032 battery, largely repeating the Tile product that iPhone owners already use.

Tile is aware that Apple is developing a competing product. In early April, its representatives testified against the apple giant in court as part of an antitrust investigation conducted by the US authorities against several large IT companies at once.

In particular, Tile said that Apple continues to take steps that open up significant advantages for its own products. So, in version iOS 13.3.11, she introduced a mechanism that forces users to regularly give applications such as Tile permission to work in the background. This makes them little useful, since it will be possible to track a lost thing only when the application is opened^[5].

Notes