Sale of 'Silent AirTags' on eBay and Etsy Raises Privacy Concerns

[deeddawg]

Yeah, but they are physically much larger, requiring more power and bigger batteries.

Not much larger...

They also require an expensive subscription to connect to the GPS. The beauty of the AirTags is the low power, low range signal, that piggybacks off the network of people's iPhones (and without a subscription), rather than needing a high enough power antenna to connect to GPS.

There's no subscription to utilize the GPS satellite array, and it does not necessitate a "high power antenna" -- GPS is built into many small devices such as myriad sports/fitness watches. The device merely listens to the signals broadcast by the GPS satellites and calculates its position based on those signals. It no more "connects to the GPS" than your car radio "connects" to a radio station.

What does require a subscription, and what does necessitate more battery power, is the ability to connect to a cellular network so the device can transmit information such as its location.

As for being expensive, I don't think $5 per month is all that much, but I suppose that's relative

 

[koil]

Pretty sure Apple will find a way to detect a disabled speaker via firmware update.

Doubtful, speakers are analogue devices, the only way to detect if one is there is to measure the resistance across the circuit, it'll be infinite if the speaker circuit is removed, but if the speaker is simply "broken" then it may not be possible at all. Even then all someone has to do is mount an appropriate resistance between the pads the speaker is supposed to be soldered to.

Either way, to do this would require dedicated circuitry which almost certainly isn't in there, if it is I'm wondering why AirTags shipped without code that automatically disables it if the speaker has been tampered with.

 

[deeddawg]

Doubtful, speakers are analogue devices, the only way to detect if one is there is to measure the resistance across the circuit, it'll be infinite if the speaker circuit is removed, but if the speaker is simply "broken" then it may not be possible at all. Even then all someone has to do is mount an appropriate resistance between the pads the speaker is supposed to be soldered to.

Either way, to do this would require dedicated circuitry which almost certainly isn't in there, if it is I'm wondering why AirTags shipped without code that automatically disables it if the speaker has been tampered with.

Yep. As I understand it, removing the "speaker" isn't impacting the coil - and thus wouldn't be changing the resistance. Lack of a magnet to move would affect the reactance of the circuit, though detecting that change would be a good bit more complex.

 

[Surfer13134]

Well that wasn’t long. Apple yanked down that listing as well as 2 others on Etsy.

 

[svish]

Horrible for privacy. Apple could automatically disable AirTags with disabled speakers.

 

[thomas040]

Well that's not creepy at all / s

 

[deeddawg]

Horrible for privacy. Apple could automatically disable AirTags with disabled speakers.

How would you propose they do that?

The coil doesn't appear to be getting damaged/removed, and even if that did occur it's improbable there's any sensors in the circuitry to detect that.

 

[a_f]

This privacy talk is getting ridiculous honestly. No one reported on these 'privacy issues' before the Airtags existed. How big of a issue I this anyway? Shouldn't stores start selling dull knives too then because otherwise someone might kill their spouse with it? Limit cars so they can only go 10 mph because otherwise someone might die in a car crash.

People will find ways to kill/stalk/hurt eachother anyway. Stop hampering the Airtags already.

Look! Look! A reasonable person with an intelligent thought.

 

[Victor Mortimer]

I could see this actually making sense for pets. My dog gets really annoyed with beeping noises.

 

[harriska2]

I have an Airtag that I own on my friend’s dog. She insisted as she is paranoid the dog will go missing and she has an android phone with samsung tag (better 2 trackers than 1). Last night I was dog sitting with the puppers on my lap when the stupid thing went off and scared the dog. A couple hours after that it did it again. Seriously going to ask if they want the speaker disconnected.

 

[gaximus]

How would you propose they do that?

The coil doesn't appear to be getting damaged/removed, and even if that did occur it's improbable there's any sensors in the circuitry to detect that.

They could make an update that uses the iPhones microphone to detect the sound an AirTag should make, then disable it if it doesn't hear it. It could use use ultrasonic sounds so that the user never hears it during the tests.

 

[dwaite]

All for only $10-$20 more than a GPS tracker with a 3 year battery that won't warn people they are being tracked.

Because only AirTags use the entire network of existing iOS devices all over the world to determine location.

We've literally never had something quite like this.

Except the vast network of positioning satellites

 

[turbineseaplane]

Except the vast network of positioning satellites

I was referring the part about the AirTag network being crowdsourced data from users devices
(unless one opts out)

Obviously other types of networks have existed for ages, yes.

 

[CarlJ]

I'm curious how many things were stolen because of Tile. Tiles don't have speakers, or notifications that you are being stalked. My guess is that bad people have been tracking people with Tile and other trackers since the beginning, and nobody knew about it. Apple's solution to tracking (with privacy in mind) shed a light on what was happening.

The difference is that Apple’s network of passive sensors (potentially every iPhone on the planet) is vastly more far-reaching than Tile’s (which is limited to people who have Tiles and are running the associated background process), so an AirTag has a much better chance of reporting back location info.

That said, I agree with the notion that this capability (simple surreptitious tracking) is not something that has popped up as a brand new threat with the introduction of AirTags. Relatively cheap trackers have been around for a while, and many are more capable (gps, a cellphone radio, a sim and a battery make for a completely standalone device not dependent on Apple, or nearby iPhones, and not containing any of the safety measures that Apple has introduced with AirTags). But people / media go after the AirTag either because the name “Apple” makes any headline more exciting, or because they’re naive.

Still, people who modify and sell AirTags for stalking suck.

 

[turbineseaplane]

That said, I agree with the notion that this capability (simple surreptitious tracking) is not something that has popped up as a brand new threat with the introduction of AirTags

But the most valuable company in the world creating and enabling a worldwide free dragnet of all their users devices is pretty new -- and has enabled the threats and concerns to be acted upon even more easily and discreetly than ever before.

And there's the moral question for Apple of continuing any of this if they can't get a great handle on mitigating the risks, concerns and unintended consequences.

Only time will tell on that second part.

I'm open to them making it better and safer through evolution over time - for sure.

 

[tranceme]

there was absolutely no reason for apple to ever release a product like this.

Why? This is integrated in FindMy and works great. Got my mom a couple and she loves finding her wallet and keys when misplaced. Not following you...

 

[gene731]

Such a clusterf*ck. I seriously thought Apple weren't going to release these due to privacy concerns.

You really don’t understand reading comprehension 101, do you? Apple had absolutely nothing to do with this.

 

[Unregistered 4U]

But the most valuable company in the world creating and enabling a worldwide free dragnet of all their users devices is pretty new -- and has enabled the threats and concerns to be acted upon even more easily and discreetly than ever before.

And there's the moral question for Apple of continuing any of this if they can't get a great handle on mitigating the risks, concerns and unintended consequences.

It’s new, but it hasn’t enabled any NEW threats. They’re the same old threats and they are acted upon LESS easily (as the devices are more expensive than others in the market) and LESS discreetly (they’ll ping nearby iPhones that they’re there, AND the device is tied to an AppleID two things that make it WAY less discreet than other already available options).

I think the best part about AirTags is that it allows people unfettered use of the word “dragnet”, the search of which will bring attention to a show that EVERYONE should know about.

 

[Unregistered 4U]

You really don’t understand reading comprehension 101, do you? Apple had absolutely nothing to do with this.

For some, all a story needs is “Apple” and comprehension is no longer a thing that’s required. EVERY security threat is a “failure on Apple’s part” even though reading will show that any particular security exploit essentially requires one to sign in to their device and give the attacker physical access to it.

 

[E.Lizardo]

Except they aren't modifying personal property here. They are buying a product, modifying it and reselling it using the Apple Airtag name in their marketing. Your comment is talking about something completely different than what I am talking about.

You proved you are wrong in your own second sentence. " They are buying a product" Full stop. The rest of your comment is seriously misinformed about the law,at least in the U.S. If you own something you can sell it to someone else. If you own something you can modify it. Your point would apply only to counterfeit air tags not made by apple but described genuine as apple products.

 

[E.Lizardo]

It’s new, but it hasn’t enabled any NEW threats. They’re the same old threats and they are acted upon LESS easily (as the devices are more expensive than others in the market) and LESS discreetly (they’ll ping nearby iPhones that they’re there, AND the device is tied to an AppleID two things that make it WAY less discreet than other already available options).

I think the best part about AirTags is that it allows people unfettered use of the word “dragnet”, the search of which will bring attention to a show that EVERYONE should know about.

With apologies to Harry Morgan, many people don't want to hear "just the facts ma'm.".....Or was that Jack Webb's trademark?

 

[T-R-S]

You can easily buy devices that read key fobs to gain entry to apartment buildings and cars. Any device can be abused. I found my bike that was stolen with an Airtag. The sheriff was alerted to its location along with over a hundred other stolen bikes.

 

[seek3r]

I wonder if apple could update the firmware to let the AirTags only function if it can detect that the speaker is connected and functional.

Probably wouldnt help, folks selling this kind of stuff could toss a $0.02 resistor on to match the impedance of the speaker if they really wanted to.

 

[Stunning_Sense4712]

That is a fair point and something to consider, but I still stand by what I say. They have put measures in to protect consumers, if people modify them they can't do much. I suppose they could maybe do a software update to make them not work at all if the speaker is disabled phsyically.

Then people would disable the speaker in a way that bypasses those protections.

 

[fenderbass146]

Then people would disable the speaker in a way that bypasses those protections.

Easier said then done....