Apple's Find My Feature Requires Two Devices, Boasts Extreme Security Safeguards

2019-06-06 411 Posted by 3uTools

A report on Wednesday digs deep into Apple's new Find My service, an upcoming iOS 13 and macOS Catalina feature that leverages encrypted crowdsourced data to pinpoint the location of a missing or stolen iPhone, iPad or Mac. 

Apple's Find My Feature Requires Two Devices, Boasts Extreme Security Safeguards

Apple SVP of Software Engineering Craig Federighi unveiled Find My onstage at the Worldwide Developers Conference on Monday, touting the new tool's ability to track the location of iOS 13 and macOS Catalina devices even when they are offline. 

A high level overview of the technology revealed Apple is leveraging its massive user install base to power Find My. Target devices send out Bluetooth beacon signals that are picked up by nearby iOS or Mac machines, which relay the identifier and their own location information back to Apple for later perusal by Find My users. 

The entire process, from beacon generation to crowdsourced location data gathering, is automated, encrypted and designed in such a way that disallows bad actors — and Apple itself — from snooping on unsuspecting device owners. 

When setting up Find My, the at least two Apple products generate a cryptographically strong private key that is shared between registered devices through end-to-end encrypted communication. This key is stored locally, presumably in iPhone's Secure Enclave or Mac's T2 chip, for later use. 

The Bluetooth beacon is broadcast to nearby devices, which automatically pick up the signal, intertwine their own location using the public key and send this information along with a hash of the public key to Apple's servers. 

With the data stored in Apple's cloud, users looking for a lost device open Find My on a second Apple device to conduct a search. The second device sends a hash of its own public key to the cloud, which is matched with the stored beacon key. How, exactly, Apple is able pair two rotating public keys is at this point unknown. 

Finally, Apple transmits the encrypted location of the lost device down to Find My user devices, which decrypt the information using the stored private key. 

Find My debuts with iOS 13 and macOS Catalina this fall.

Source: Appleinsider

Related Articles

Alibaba Pandora Lab Jailbreaks iOS 11.2 Successfully Rumor: Apple Blocks Activation on iOS 9.0-9.3.5 Firmware Qihoo 360 Vulcan Team has Achieved iOS 11.3 Jailbreak iOS 11.2.2 Jailbreak With Electra Might Be Possible, Here’s What You Need To Know Apple Still Signing iOS 11.3 Beta 5/6, Downgrade to It to Jailbreak Your iPhone iOS 11.1.2 Exploit async_wake ipa is Released iOS 10.3.X 64-Bit Jailbreak is Coming Soon Alibaba Pandora Lab Untethered Jailbreaks iOS 12 Successfully