Won't help without cell towers. Find My and this exploit work by using the network access of the other device within Bluetooth range.
Cell towers are not the only means of network access. Think Wi-Fi, Thread, or satellite, or some combination of those. Could also be coupled with a caching mechanism for intermittent network access.

In other words, as long as one or a few nodes have access to the global internet, the Find My or similar ad hoc network could extend that access to many other devices.
 
This can be definitely used to exfil information. I don't expect 3-letter agencies to be affected because they already ban all electronic equipment from sensitive areas or discussions, but businesses don't have this type of security in place.
 
Cell towers are not the only means of network access. Think Wi-Fi, Thread, or satellite, or some combination of those. Could also be coupled with a caching mechanism for intermittent network access.

In other words, as long as one or a few nodes have access to the global internet, the Find My or similar ad hoc network could extend that access to many other devices.
Certainly won't allow complete strangers to use my device as a network gateway. Not with these crappy batteries, and not for free.
 
For anyone that didn't actually read the write-up, or doesn't understand: this can only be used to send 23 BITS of data. That's less than 3 bytes. One `character` in ASCII is 8 bits. If you were to send ASCII data using this method, you could only send 2 characters. That's nothing. This can't be used for anything super nefarious. It's also slow. The time it takes for a message to come in is anywhere from 5 to 60 minutes. Nobody is going to be using this to send messages to themselves over the Find My network.
 
Looks like we are one step closer to the Dark Knight's radar, LOL
 
Can bad actors use this exploit to send secret messages undetected?
Seems like a valid concern. One can send encrypted msgs via apps today. But just using them implies some secret intent and could arouse suspicion. However, to use the Find My network, not requiring an app, it may be much harder to know if one has sent an encrypted msg. I would guess it just creates a lot of encrypted noise to most attempts to monitor. Kind of scary what a terrorist or criminal could do. Hope Apple is gathering pattern data that could help monitor, if needed.
 
This could be used for some kind of Denial of Service Attack, couldn't it?

You set up a server that's just spamming the Find My network, then all the Apple devices are constantly bouncing these spam messages around. They may end up drowning out legitimate Find My network messages.
Apple can easily modify the network so that only verified Apple devices can communicate in this network. They can use a PKI system combined with IMEI.
 
iMessage is encrypted end-to-end. Apple never sees your messages. If you don't have iCloud backup enabled, there is no way for Apple to ever see your stuff.
They could give you fake keys and MITM attack it. Not likely for the average consumer, but anyone doing something super illegal probably wouldn't rely on it.
 
Honestly - does anyone know if the ability for 3rd-party devices to use the Find My network will cause the network to be less private/secure?

The Find My network will only allow what Apple allows it to do, so if Apple designed it to be less private/secure, then it will be less private/secure.

If Apple allows unauthorized actions then that's on Apple.
 
Doesn't this make an AirTag a perfect remote detonation device? I imagine it would be trivial to route the sound alert to a trigger mechanism, so you could basically send a bomb and see exactly when it is at a target, and even detonate it with an AirTag.
 
Another “IF YOU SET EVERYTHING UP JUUUUUUUUUST RIGHT, YOU CAN DO A THING!” from a security researcher. AirTags is the security gift that keeps on giving.
Next week, “We’ve been able to determine that if you accelerate an AirTag at just the right speed towards a target that’s not trying to dodge and is totally aware and ok that you’re throwing it (though accelerate sounds cooler) YOU MAY BE ABLE TO HIT THEM!”

Don't disagree in principle but, to be fair, we need people like this to find weaknesses so they can be fixed. Because if they don't, someone else with more nefarious motives most assuredly will.
 
Don't disagree in principle but, to be fair, we need people like this to find weaknesses so they can be fixed. Because if they don't, someone else with more nefarious motives most assuredly will.
As Find My has been available for a while, the phones and other devices use the network in the same way; you don’t have to pretend to be an AirTag, you can pretend to be ANY Find My member. I wouldn’t be surprised if they reported this, and Apple says, “Yeah, ok, sure.” Then, the researcher waits until AirTags is released and provides a dissertation, understanding BEFORE PUBLISHING that it’s not an attack vector in any real sense.

I was going to say it’s like a doctor live-streaming their surgery, but I’m sure someone has done that before :)
 